Search the Community
Showing results for tags 'IDS'.
Lately I've been getting intrusion attempt alerts from Norton (3 in the past 2 weeks). Previously I never had any but these are strange, the acting path looks suspicious, I believe I may have an infection. Details are as follows: Category: Intrusion PreventionDate & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description8/6/2014 1:08:34 AM,High,An intrusion attempt by 126.96.36.199 was blocked.,Blocked,No Action Required,Web Attack: Malicious File Download 12,No Action Required,No Action Required,"188.8.131.52, 80","www.downgbb.com/US/Installer.php?dv1=10845073&dv2=&dv3=&dv4=&sec_id=qWJ8vBQjIEzEzrekY9hpCTekD38jfEJQvk8rNasah0H8vk8dNBwe7rCQvnsRPBYKPBV4h0z0qWsRhnhazoRavWMRNbëë&marketing_fid=MTQwNzMxMjQ2Ny04MjFjM2E0OTVhZDY5MmJiODBkNmMwNWNmYjBiZDIwOA==","CEE-PC (10.0.0.2, 50137)",184.108.40.206,"TCP, www-http"Network traffic from <b>www.downgbb.com/US/Installer.php?dv1=10845073&dv2=&dv3=&dv4=&sec_id=qWJ8vBQjIEzEzrekY9hpCTekD38jfEJQvk8rNasah0H8vk8dNBwe7rCQvnsRPBYKPBV4h0z0qWsRhnhazoRavWMRNbëë&marketing_fid=MTQwNzMxMjQ2Ny04MjFjM2E0OTVhZDY5MmJiODBkNmMwNWNmYjBiZDIwOA==</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSWOW64\SVCHOST.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>.