Vista/Norton warns of "attack"- anything to worry about?

3 replies [Last post]
Offline
Joined: Dec 20 2003
Posts: 354

I bought an Acer laptop for my nephew in Costa Rica, and I wanted to fire it up and make sure everything worked before it goes down there. Setting things up (this is Vista) is of course a pain in the behind, especially since I don't know how my nephew necessarily wants things and I have no windows experience. He might just wipe it all anyway but I don't know.

So one of the things it asks is about a 90 day free Norton trial. I think, well, why not. At least it won't have some virus before I even get it to him. Within minutes of getting it on my WLAN, it notifies me that it has thwarted an "attack." Which I think is peculiar, because my router's (Linksys WRT54G) firewall is on. The details of the attack are:

Port Scan from 192.168.0.1, 53
Traffic Description: UDP, 53

192.168.0.1 seems to be the DSL modem on the other side of the Linksys. Google tells me port 53 has something to do with DNS?

I have never run any Windows or anti-virus software on my local network before, and I am not exactly a network guru, so this is new to me. Is this anything to be concerned about or is this normal network activity? Are my Macs vulnerable? Why is my router letting this pass through?

__________________

"One day I shot an elephant in my pajamas. What he was doing in my pajamas I have no idea."

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
eeun's picture
Offline
Joined: Dec 19 2003
Posts: 1891
192.168.0.1 is almost certain

192.168.0.1 is almost certainly part of your router's normal DHCP operations. Nothing to worry about.

Norton, well...sucks IMHO, and is prone to false positives and resource hogging.
Better to get AVG Free, Spybot Search & Destroy, and Adaware. Plus, they're all free.

__________________

"Give a man a fire, he's warm for a day. Set a man on fire and he's warm for the rest of his life."
(Terry Pratchett)

Jon's picture
Jon
Offline
Joined: Dec 20 2003
Posts: 2804
It sounds like it thwarted th

It sounds like it thwarted the routers attempt to ask it for its name. My router will ask a machine that is attached to it for it's machine name that the OS has set and show that along with the IP in the list of attached devices.

__________________

I am not in this world to live up to other people's expectations, nor do I feel that the world must live up to mine. - Fritz Perls

Offline
Joined: Dec 20 2003
Posts: 354
Thanks, but I still don't und

Thanks, but I still don't understand- if I type 192.168.0.1 in my browser, I get the configuration screen for the DSL modem, so doesn't that mean the request came from the modem, not the router (which should be blocking it?)

__________________

"One day I shot an elephant in my pajamas. What he was doing in my pajamas I have no idea."