Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Ashish Singh on April 01, 2011, 05:52:23 AM
-
I am experiencing a strange problem from a week. Outpost Firewall Pro is blocking a particular IP Address and its subnet mask also. Is my PC infected using avast 6.0.1044 free.??
Anyone can throw light on this....? ???
-
I had a similar problem with Avast Internet Security last week. It blocked a network threat to a particilar IP and I kept getting the popup every 10-15minutes. What I was told to do was to download and install MBAM, update it and run a quick scan. Also run a full scan on your Avast program.
-
Well I did that but no results. In my case it does not block every 10-15 min but 2-4 hours or even more.
The action you specified helped you?? Or are you still facing the problem??
Its a incoming RPC(TCP) connection made by SVCHOST.EXE...
Any idea what this RPC connection could be for.? I have no much knowledge about networking...
Thanks
Ash
-
Have you tried a reverse IP look up to see who this is? Have you downloaded from the Calender of Updates the most recent blocklists?
-
inetnum: 180.151.0.0 - 180.151.255.255
netname: SPECTRA
descr: Spectra ISP Networks Private Limited
descr: 42, Okhla Industrial Estate
descr: Phase III
country: IN
-
Have you tried a reverse IP look up to see who this is? Have you downloaded from the Calender of Updates the most recent blocklists?
Well as I told you I have no much knowledge of networking so everything you told me just bounced over my head. Can you plz explain it a bit as I little knowledge in networking field
-
With several paid firewalls, you can download for free from Calender of Updates (COU) a list of bad IP Providers that are automatically blocked. Here is the link for Outpost from COU http://www.calendarofupdates.com/updates/index.php?app=downloads&showfile=3 (http://www.calendarofupdates.com/updates/index.php?app=downloads&showfile=3). You will then have to unzip the file and upload it into your firewall program (there should be a place to upload the IP Blocklist). This file gets updated periodically, so you will want to keep it updated.
It appears that this IP address, if not on the IP COU, is one you may want to block. I do not use Outpost currently, but you can go to their forum or wait for someone here who uses Outpost and they can instruct you how to manually block this IP address permanently.
-
Well I did that but no results. In my case it does not block every 10-15 min but 2-4 hours or even more.
The action you specified helped you?? Or are you still facing the problem??
Its a incoming RPC(TCP) connection made by SVCHOST.EXE...
Any idea what this RPC connection could be for.? I have no much knowledge about networking...
Thanks
Ash
Yes in my case the computer was infected, Avast detected the file but couldnt remove, but MBAM did remove it, so everything is fine now! If you did scans on Avast + MBAM and no infections detected, the pc is probably clean.
The suspicious IP was traced by Zyndstoff and he posted the results. check that and see if you know the host of that IP. the IP is from your country so my guess is, it might have something to do with your ISP - and Outpost blocks suspicious IP addresses and it doesnt mean its dangerous, just suspicious, so that might be the reason why Outpost blocks it. In my case MBAM blocks certain IP addresses of Skype as they are in the suspicious IP list in their database.
Anyway do what safesurf said and see.
Cheers!
-
inetnum: 180.151.0.0 - 180.151.255.255
netname: SPECTRA
descr: Spectra ISP Networks Private Limited
descr: 42, Okhla Industrial Estate
descr: Phase III
country: IN
Thanks alot Zyndstoff
Now I got it its in a network of ISP under National Internet Exchange of India.Under NIXI my ISP also comes but I don't know why the hell these people are scanning my ports for? Anyways thanks there is Outpost Firewall Pro which protecting me from these kinds of port scanning.
And thanks alot to all the forum users for such a marvelous support... Thanks alot avast rocks man.... :D
-
It's not uncommon for ISP's to try and scan, but that's what firewalls are for. ;D
-
Get a hardware firewall to stop inbounds.
-
@ the OP: how do you connect to the Internet? ie what sort of hardware do you use, are you on broadband, dial-up... ? ... seems you either are on dial-up or you got an improperly configured router's firewall. Such inbound attacks usually don't even have a chance to reach your software firewall (OutPost in your case)...
-
A router/hardware firewall should be blocking any and all inbounds.
-
close all the programs you can, go to cmd.exe and type this:
netstat -ano
tell me if there's something with ESTABLISHED , if you do, take the proccess PID and goto task manager to check what it is, if you don't, then it's not from your os but from outside.
-
for me I got this
-
As I already told you that connection was made by SVCHOST.EXE. Well And I use USB 3G modem to connect to internet
-
okay so you're not using a router, I can see your external and only IP in the log. On a side note don't leave that pic online too long.
-
I use USB 3G modem to connect to internet
which explains how such attacks are made possible
-
You need to get a router with a hardware firewall ASAP. A hardware firewall is your first line of defense.
-
So you wanna say that I am more vulnerable than others>>>>?
-
You need to get a router with a hardware firewall ASAP. A hardware firewall is your first line of defense.
Sorry I can't as I am always have to be online for office work on laptop as well. Any other way?
-
So you wanna say that I am more vulnerable than others>>>>?
Well, yes. A hardware firewall is always safer than any software solution. But your FW blocked this thing, didn't it?
-
You need to get a router with a hardware firewall ASAP. A hardware firewall is your first line of defense.
Sorry I can't as I am always have to be online for office work on laptop as well. Any other way?
fine tune your software firewall and pray god that it works :)
-
Of course you can get a router. Your modem will connect into the router then your laptop will connect to the router. If you rely on only a software firewall for inbound and outbound protection then you are asking for trouble. Most modern day modems have a hardware firewall. My 2Wire Gateway has a hardware firewall.
-
he's on 3G ::)
-
Of course you can get a router. Your modem will connect into the router then your laptop will connect to the router. If you rely on only a software firewall for inbound and outbound protection then you are asking for trouble. Most modern day modems have a hardware firewall. My 2Wire Gateway has a hardware firewall.
Don't tell him what he can and can't. He's using his laptop and I suppose he is travelling with it a lot, doing business.
-
Of course you can get a router. Your modem will connect into the router then your laptop will connect to the router. If you rely on only a software firewall for inbound and outbound protection then you are asking for trouble. Most modern day modems have a hardware firewall. My 2Wire Gateway has a hardware firewall.
Don't tell him what he can and can't. He's using his laptop and I suppose he is travelling with it a lot, doing business.
exactly http://forum.avast.com/index.php?topic=75159.msg622455#msg622455
-
Its advice. Gezz.............If he is traveling a lot then he can use HotSpot Shield.
-
Logos, I always have and always will love you... ;D
-
Its advice. Gezz.............If he is traveling a lot then he can use HotSpot Shield.
What is Hot Spot Shield?
A portable hardware firewall?
-
Sorry again but As I said I don't have much knowledge in networking..
Plz tell how can I connect my USB modem to router ???
Well for Outpost I have everything at maximum and its working fine for me
-
Dont ask..............Google it. ::)
http://download.cnet.com/hotspot-shield/
-
Its advice. Gezz.............If he is traveling a lot then he can use HotSpot Shield.
What is Hot Spot Shield?
A portable hardware firewall?
no , seems to be a VPN to secure hotspot wifi connections
-
Now I realize how important this networking is. I never had my interest in this field, I only wanted to be a good programmer...
And thanks alot all of you. You people are so knowledgeable ... :D
-
http://www.laptopical.com/firewall.html
-
anyway the guy's on 3G mostly, and securing wifi hotspot connections is nice... when he's not on 3G anymore ;D >>>> and hotspots are available :)
-
I have a house outside the city I am going to retire to, so I use a Verizon USB 760 3G modem. I have a Cradlepoint router MBR900 that is made to use the USB760 modem. Of course the router has a firewall. The router also has the ability to use imput from your cable system and also allows you to connect to your computer wireless or wired. It has worked great for me. They also make a portable unit. I bought mine at Best Buy but they do not carry all models. Check their website for more models. I am not trying to push a prduct but it sounds like to me that you may not know that something like this is available. I did not know they make routers that would take USB modems. Be careful you have to check the model you are buying to see if it works with the modem model you are using. They have a list for each router what modems it will work with. Hope this helps.
-
that stingray thing only supports RJ45 ethernet cables, you can't plugin a 3G key in it ::) ... anyway such solutions need to be constantly powered from an external power source I suppose, so they're useless when you're on the move.
edit: confirmed The power adapter plugs in right in between the PC and Modem cables, so you will need power nearby your Stingray Firewall unit.
-
"Stingray is very portable, and if you have a universal poweradaptor it can be used while travelling abroad."
Now all we need is a portable power-outlet socket.
-
I forgot to say the Cradlepoint will also can use the Verizon Hotspot and has a RJ45 and usb port.
-
I forgot to say the Cradlepoint will also can use the Verizon Hotspot and has a RJ45 and usb port.
And it does not need a power supply? Runs on rechargeable battery?
-
Well most hotels or coffee shops have an outlet you can plug into. If your in your car you can use a 12V power inverter.
-
Car is a possibility.
In some parts of the world there is no power outlet available. Just imagine someone working for - let's say charity - in slums, underdeveloped rural areas, etc.
-
I'll stick to my idea that if there's no other choice, a strong software firewall, fine tuned if needed, should be able to handle inbound connections properly and prevent intrusions, may be lukor should post something here, I'll mail him.
-
I do not have the portable unit they sell CTR35 but the website says they have a car power plug adapter(not sure if that is what you call it) and it comes with a ac adapter. I have the home model MBR900. Check the website http://www.cradlepoint.com/
-
I looked at the website and only found one model that was battery powered the PHS300 but it is a hotspot and could not find if it had a firewall. So you would have to use another model and the car power adapter.
-
I'll stick to my idea that if there's no other choice, a strong software firewall, fine tuned if needed, should be able to handle inbound connections properly and prevent intrusions, may be lukor should post something here, I'll mail him.
I agree.
-
If you must stick with a software firewall then your best bet is Comodo.
-
Well I find Outpost in many ways ahead to comodo. And how can comodo help me if a 21 years old boy from Iran hacked into its system and generated 4-5 Security Certificates ??
-
Well I find Outpost in many ways ahead to comodo. And how can comodo help me if a 21 years old boy from Iran hacked into its system and generated 4-5 Security Certificates ??
Nothing can stop an experienced hacker. But a hardware firewall is a must if you can get one. Comodo is also the most configurable 3rd party firewall around.