Orbzon Posted July 10, 2006 Report Share Posted July 10, 2006 My NIS has told me twice in the past couple days that there has been an "Intrusion Attempt" on my PC while I'm using uTorrent.Should I be worried or is this just a misread?Thanks. Link to comment Share on other sites More sharing options...
Ultima Posted July 10, 2006 Report Share Posted July 10, 2006 Uh, it's probably NIS being paranoid, as usual. Can you be more descriptive about the message? Link to comment Share on other sites More sharing options...
Orbzon Posted July 10, 2006 Author Report Share Posted July 10, 2006 This is all it says in my log:"Details:Intrusion: Invalid UDP Destination Port.Risk Level: Medium."Is it even possible to get hacked through uTorrent? Link to comment Share on other sites More sharing options...
DreadWingKnight Posted July 10, 2006 Report Share Posted July 10, 2006 No.Ultima's right, NIS is being overly paranoid. Link to comment Share on other sites More sharing options...
junglemike Posted July 10, 2006 Report Share Posted July 10, 2006 I know it's extremely unlikely, but is it possible in theory to cause utorrnet a buffer overflow through an imcoming port and as a result, make it run a hackers's code? - like worms do. Link to comment Share on other sites More sharing options...
Switeck Posted July 10, 2006 Report Share Posted July 10, 2006 If ludde is as good a programmer as he seems, buffer overflows are probably quite unlikely in µTorrent.Good programmers do "sanity checking" on values from variables before trying to do any calculations on them. Link to comment Share on other sites More sharing options...
Firon Posted July 11, 2006 Report Share Posted July 11, 2006 Nah. Link to comment Share on other sites More sharing options...
lorax1284 Posted June 9, 2007 Report Share Posted June 9, 2007 I've seen some pretty specific worm attempt warnings from NIS... I have just reformatted my primary notebook pc (it's SMOKING fast now!) and am looking to avoid installing Norton Resource Consumer and General Performance Vampire (also known as "Norton Internet Security") and wonder if these warnings are TOTALLY BOGUS, or legit hack attempts.I've seen a lot of responses in the realm of "nah, it's nothing", but to be honest, that's not very convincing. Is there any explanation of what's going on? Whether these hack attempts are legit threats, if I have a hardware firewall and the latest WinXP security fixes, don't use Outlook nor IE? Link to comment Share on other sites More sharing options...
DreadWingKnight Posted June 9, 2007 Report Share Posted June 9, 2007 These applications are simply trying to pretend to the user that they're actually protecting you from something malicious.Legit hack attempts mainly (read:almost always) only happen on ports 137-139, 22, 80, and other ports that have high-use servers with vulnerabilities. Link to comment Share on other sites More sharing options...
Switeck Posted June 9, 2007 Report Share Posted June 9, 2007 You probably received a DHT UDP packet and your firewall freaked out.Running a software firewall is not as good of security as keeping the OS and various applications updated.I am seeing all kinds of activity on ports 1026-1029 hitting my router as of the last 2-3 weeks. IPs from China mainly...or claim to be. But because my router blocks such activity by default, I'm not particularly worried. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.