Anyone an expert on Norton Personal Firewall?

[packman 0]

Alecstaar,

 

If you're still there, just the other day I tried unchecking the "Detect Scan Attempts" in NPF but found that it certainly didn't turn off the Alerts. I also tried hiding the Alert Tracker but that also was fruitless. The scans continue to come and I continue to get alerts each time from NPF.

 

Fed up with this situation, I went back to Symantec's website and ran a more detailed security check on my machine. The only vulnerability it found was Location Service (loc-srv). I've no idea what that is but, anyway, the Symantec test found that the port on which it runs is open and is vulnerable to hackers. I gather that the port in question (I'm not giving its number here, for obvious reasons) is used to direct Remote Procedure Calls.

 

The remainder of my firewall is completely stealthed, according to the results. So, is there any way that I can close (stealth) that port, and do it without screwing up my Internet usage?

 

[packman 0]

Alecstaar,

 

It might surprise you to learn that, for about 18 months now, I've had Messenger service turned off completely, ie. stopped. I've had it like that in order to stop Messenger-type spam being received. I was plagued with that sort of spam for a long time but finally stopped it in its tracks by turning off Messenger completely.

 

Any more ideas?

[packman 0]

I returned to Symantec's site and did a search on "Port 135" and, low and behold, an issue concerning its security popped up. Fortunately, Symantec gave clear instructions on how to stealth-block that port within NIS (NPF). I duly made the changes and then went back to Symantec's site and re-ran the online security check. That confirmed the now water-tightness of my firewall.

 

However, it HASN'T STOPPED those accursed alerts!!! They're still occurring.

 

I reckon there must be a bug in NPF and I've now e-mailed Symantec about it. This doesn't affect security, it's more that the constant stream of alerts is terribly annoying and there appears to be no means of turning them off. What seems to be the correct configuration setting for that simply doesn't work. Mind you, my particular version of the firewall is no longer supported by Symantec, so they might have corrected the problem in more recent versions.

[packman 0]

Yeh, I second that view, Alecstaar. Thanks for your indulgence in this issue.

[packman 0]

Certainly, since closing that Port 135, the scans have been much less frequent, so it looks as though it was worth all that investigative work, in the long run.

 

Oh, of course, I realise that if I were to buy the latest version of NIS, I could get the upgrade version, at a discounted price. But, who knows, that bug might have been carried across even into the latest version?! Unless Symantec are willing to communicate with me, they, me and other users will perhaps never know. I must say I find their latest policy on support somewhat offputting (ie. no one-to-one e-mail support, unless you pay for it).

 

Actually, I'm starting to have a look at Firefox. Looked into that yet, Alecstaar? If so, I'd like to hear your view of it. A couple of my contacts have already been trying out v0.9 and are reporting that it works very well. If it does all that it claims, then perhaps those who choose to use it can say goodbye to all those browser-borne viruses, spam, adware, pop-ups and other crap.