# What Exactly Is An "attack" On Your Computer?



## Doxie-Doglover-Too (Jan 25, 2007)

I mean, Norton always notifies me when they have blocked an attack. Today it was by Worldgreenpeace. What is it attackers are attempting anyway? and how does a program like Norton know it's bad? etc


----------



## California Jim (Dec 11, 2003)

Hi Doxie:

As I understand it, as other computers become infected with viruses, spywaye, and trojans, they propagate themselves by randomly "pinging" other IP address on the internet. This inquiry is what your software is seeing. So long as your computer is clean and protected you have nothing to worry about. It's simply a knock at the door, and that door is locked.

I recall the first time I installed a program called Black Ice that also tracked "attempts". It was shocking to see the level of skulduggery that's going on out there all day long.

Keep your virus definitions up to date, stay off as many unknown websites as possible, do not open email attachments unless you specifically know what it is and are expecting it, and just say no to all the "funny" stuff floating around on the internet. Most of it is infected.

ON EDIT: You should not have your computer directly connected to the internet. Run your connection through a router! It's a cheap and natural hardware firewall.


----------



## VA_Joe (Aug 2, 2005)

Doxie,

Norton (McAfee and others) work on two basic principles:
1. They know about certain "bad" things - how to detect them and block them. Many of the computer viruses you've heard about are blocked by this method.
2. They know "normal" behaviour and can block the rest. The normal user asks for things from the Internet (email, web pages) and the information is delivered to your computer. You generally don't want other computers contacting you without being asked. Think of your home phone - you call anyone but screen/block incoming calls.

What do they want? Money - from spam delivery, identity theft or they sell the use of your computer.  Here's a recent article on 500,000 machines controlled by someone other than their owner.

In addition to what CA Jim mentioned, here's some good information on  Home Computer Security.

I work on this stuff every day. These people are very clever - the computer "attacking" you has probably been attacked itself (hiding the true hacker). The goal is to make yourself more secure than other potential targets - like running from a lion; you don't have to be the fastest person in the jungle, just slightly faster than someone else.

Joe


----------



## rdvholtwood (Sep 18, 2008)

All the information posted is great!

What I would add is to watch which sites you visit - over time, with my kids computers, they have had more problems with "attacks" and/or viruses than I have. Its great that Norton found it, but, there are a few other programs you may want to download - they're free - and they also help in keeping things "clean"

They are: Ad-Aware & Spybot.

BTW - did a quick search on google and didn't find anything on that attack - if anyone finds it, can you please post...


----------



## Lmbevard (Mar 18, 2006)

Just to add one more caution, most of the "attacks" these days are done more directly. You get an e-mail from Paypal saying some one else has been using your account, click here to confirm your account information or to reset your password. What they want is either your information to sell and/or they download a small program to your computer so that they can use it as a slave in other attacks. Like VA_Joe said, it's about the money now and not just some kid playing with the computers. That's why you don't just buy an anti-virus program now, you buy a suite of programs to work together to protect you computer. That is also why Microsoft added the hated feature of the UA. A good idea gone bad. What they were trying to do is to make sure that you knew when a program was about to be installed, in case you didn't want it.


----------



## Doxie-Doglover-Too (Jan 25, 2007)

I don't even know who worldgreenpeace is or how they'd end up with my ip address. Crazy.


----------



## rdvholtwood (Sep 18, 2008)

Doxie-Doglover-Too said:


> I don't even know who worldgreenpeace is or how they'd end up with my ip address. Crazy.


You mentioned "today" in your post - do you get these messages alot?


----------



## Doxie-Doglover-Too (Jan 25, 2007)

rdvholtwood said:


> I don't even know who worldgreenpeace is or how they'd end up with my ip address. Crazy.


You mentioned "today" in your post - do you get these messages alot?
[/quote]

every once in a awhile, I get the Norton notice an attempt has bee blocked, I usually just let it do it's thing but today was curious and clicked and it allowed me to see who/what attacked and that was the one.


----------



## rdvholtwood (Sep 18, 2008)

Doxie-Doglover-Too said:


> I don't even know who worldgreenpeace is or how they'd end up with my ip address. Crazy.


You mentioned "today" in your post - do you get these messages alot?
[/quote]

every once in a awhile, I get the Norton notice an attempt has bee blocked, I usually just let it do it's thing but today was curious and clicked and it allowed me to see who/what attacked and that was the one.
[/quote]

Just to be on the safe-side, I would manually run LiveUpdate until it tells you that no more updates are available. I would then schedule a Full System Scan when you are not using your computer, just to make sure that you are not infected.

I think you can turn the alerts off without comprimising the system - but I would check in the help file in Norton.


----------



## mike (Dec 17, 2006)

My computer got killed last month by a virus that attacked the startup menu. I was able to retrieve some pics and music but it was unusable. I brougt it to worst/best buy and they said it was not worth it to fix. I was unable to find the restore discs to start over so we bought another computer, it was time for an upgrade anyway. Well I researched some things and vowed never to let this happen again. The geeks at geek squad related that mcaffe was not very good and that is what i was using. Anyway I switched to a virus protection called kapersky and the reviews are pretty good.

ps. Today i found the restore discs so i will try to salvage the computer and give it to my dd for her use.


----------



## California Jim (Dec 11, 2003)

Yeah, many manufacturers are even selling computers without the restore discs to make the computer cost less. Always buy a computer that comes with the discs.


----------



## rdvholtwood (Sep 18, 2008)

California Jim said:


> Yeah, many manufacturers are even selling computers without the restore discs to make the computer cost less. Always buy a computer that comes with the discs.


Good point Jim and to add - if you don't have the restore disks and just the operating system software, you can boot (most of the time) from the CD to re-install. As with any re-install, if you need help, I am sure there are many here on the site that can help you!


----------



## bradnjess (Mar 25, 2007)

rdvholtwood said:


> Yeah, many manufacturers are even selling computers without the restore discs to make the computer cost less. Always buy a computer that comes with the discs.


Good point Jim and to add - if you don't have the restore disks and just the operating system software, you can boot (most of the time) from the CD to re-install. As with any re-install, if you need help, I am sure there are many here on the site that can help you!
[/quote]

My old HP laptop didn't come with restore disks but I was able to order them from their website for about $15.00. Small price to pay to make a useless computer useful again, even though its only used for Webkinz.com now (for my kids of course, not me







).

Brad


----------



## Justman (Jul 22, 2006)

Doxie-Doglover-Too said:


> I don't even know who worldgreenpeace is or how they'd end up with my ip address. Crazy.


Most likely, they don't know your IP address. They run automated scans that run through a series of address and search through ports that are open. It's like a telemarketer going through a telephone directory of every phone number under a particular area code...eventually, someone will answer the phone. Your computer does the same thing. What a firewall does is essentially serve as an answering service. If you didn't initiate the conversation, the firewall drops the call---the same as an answering service does. The ultimate goal of a firewall is to have no telemarketers (bad guys) get through, while allowing calls to come through that you initiated.


----------

