[melson3]

Hello all:
My computer is being repeatedly attacked by the NMAP XMAS SCAN. Whilte it is blocked by Norton, it appears to be drastically slowing down my computer, almost to frozen for some sites. I've searched for solutions already, but found none so far. Can anyone suggest how to prevent these attacks? Thank you.

[lunarlander]

A hacker is scanning you; trying to scout out what ports you have open and trying to identify your OS. Maybe he is intentionally trying to slow you down, but I have not heard of Xmas scans slowing down people. Perhaps it is how Norton is handling the scan. Old versions of Norton are known to be slow.

Try powering off your modem, wait 20 secs and powering it on. Maybe, just maybe, you might end up receiving a different ip address.

[melson3]

ok; thanks for suggestions. actually, I've tried that with the router, because the internet connection keeps failing every 2 or 3 hours. but I'll try with modem too. thanks.

[Cookiegal]

If you have a router it should have a firewall and these scans should never make it through to Norton. Are you sure the hardware firewall is activated?

[melson3]

hi; no I am not sure that the router firewall is working. it's a linksys. any suggestions on how to do this? thanks.

[Cookiegal]

What is the model please?

[melson3]

I don't know if you got the first reply; it's a BEFSR41. thanks.

[Cookiegal]

If you go to the configuration screen and click on Filters is "Block WAN Request" enabled there?

[melson3]

please excuse my ignorance. How do you go to the configuration screen? this is an old model and I think you have to type in the equivalent of an http address to "see" the router's settings. I just don't know how to do that. I'll have to check the linksys site, unless you know this offhand. thanks. Also, at this point, I've decided to get a new wireless router from Comcast; they will install and maintain it. That should help, to say the least. thanks.

[Cookiegal]

Well if you're going to do that then you shouldn't have any problems as Norton shouldn't even see those port scans or attacks.

[melson3]

hi, that's probably true. at the moment, I am feeding my cable connection directly into my computer rather than through the router. this completely eliminated (so far) all those messages about the nmap xmas scan attacks. so, if the attacks were coming through the router, they can't now, because the computer is no longer attached to it. hopefully, Comcast will have security measures in place to ensure that it's router won't be as vulnerable. if the problem starts again, they will deal with it (since it's their equipment). this does not get at how the linksys router could be set up to block the attacks (so that Norton does not need to respond), but it's the easiest solution at this point for me. thanks again for responding.

[Cookiegal]

That doesn't make sense since you're bypassing the router, Norton should be getting those hits. Maybe you just need to do a hard reset of the router.

You can do this by inserting the tip of a pencil into a small hole labelled "reset" located on the back of the router. With the power on, press there and hold it down until the lights on the front of the router blink off and on again. You might want to check with your ISP in case there are custom settings that need to be maintained.

[melson3]

hi again. actually, I did do that as part of following what someone else suggested on how to deal with these attacks. maybe that worked, but it also seems to have screwed up the connection between the router and the computer. since I'm getting a completely new router tomorrow, it's not worth "fixing" this one's settings at this point. so, you may be right, that the fix was to do that reset. maybe that will help someone else, too. thanks.

[Cookiegal]

Sound good to me.