Security Alert

 What is a Security Alert?

A Security Alert appears when a remote computer or a program on your computer attempts to access a port that is also used by a known Trojan horse. This may indicate that someone is attempting to access your computer or that a Trojan horse is attempting to monitor incoming connections from other computers.

Not all Security Alerts are indications that your computer is under attack. Some harmless communication between computers may appear to be similar to common Internet attacks and can trigger Security Alerts.


 What triggered this alert?

A computer with the IP address [IP address] attempted to connect to your computer using [Trojan name].


 Additional Information

Trojan horses are legitimate-looking programs that include malicious programming. Attackers can use Trojan horses to gain access to files on your computer or even take control of the computer.


 What should I do?

You do not have to do anything to protect your computer. Any communication that triggers a Security Alert is automatically blocked.

If this alert appeared when a program on your computer attempted to monitor incoming communication, it may mean that there is a Trojan horse on your computer. Use Norton AntiVirus to identify and remove the Trojan.

If this alert appeared when a computer attempted to connect to your computer, AutoBlock will block all communication from this computer for 30 minutes, even if subsequent communication is benign.

If you are uncertain whether this alert was triggered by an attack or by legitimate activity, use Visual Tracking to trace the computer's IP address. This helps you identify where the computer is located and, if it is an actual attack, gives you information that you can use to report the attacker.


 How can I reduce the number of these alerts?

If legitimate connection attempts from a computer that you trust are triggering Security Alerts, use Networking to add the computer to the Trusted Zone.

To add a computer to the Trusted Zone

  1. Double-click Personal Firewall.

  2. Click Networking.

  3. Click Trusted.

  4. Click Add.

  5. Do one of the following:

    • To specify an individual computer, click Individually and type the name or IP address of a single computer.

    • To specify a range of computers, click Using a range and type the starting (lowest numerically) and ending (highest numerically) IP addresses.

    • To specify computers using a network address, click Using a network address and type an IP address and a subnet mask.

  6. Click OK.

If you receive frequent Security Alerts about a specific Trojan horse when you perform safe activities using programs you trust, you can turn off monitoring for this Trojan horse.

To turn off monitoring for this Trojan horse

  1. Double-click Personal Firewall.

  2. Click Advanced > Trojan Horse Rules.

  3. Select the Trojan horse rule and click Remove.

  4. Click OK.

If someone is repeatedly using a specific computer to attack your computer, you can permanently block all communication from the IP address. Use Networking to add this computer to the Restricted Zone.

To add a computer to the Restricted Zone

  1. Double-click Personal Firewall.

  2. Click Networking.

  3. Click Restricted.

  4. Click Add.

  5. Do one of the following:

    • To specify an individual computer, click Individually and type the name or IP address of a single computer.

    • To specify a range of computers, click Using a range and type the starting (lowest numerically) and ending (highest numerically) IP addresses.

    • To specify computers using a network address, click Using a network address and type an IP address and a subnet mask.

  6. Click OK.