Norton Blocks Portscan, Internet Becomes Extremely Slow
Last response: in Networking
About a week ago Norton detected a "downloader" virus during a system scan. I followed the suggested steps to get rid of it (which was just to disable system restore and rescan) and no more viruses were detected. However every few hours Norton will detect a "Portscan" from IP address 64.71.255.198(domain(53)). After this the internet connection becomes extremely slow for maybe half an hour. Lately however, the portscans have ceased yet the internet will still become extremely slow every once in awhile then speed up again.
I've googled this problem and I haven't found anyone with the exact same problem as me. A lot of solutions to do with Norton and portscanning are from a few years ago and mention using a program called Ewido to find hidden trojans or something, but it does not exist anymore. The thing is the internet connection on other computers is fine (using a router) while this happens, so I don't think it's a virus that's just taking up bandwidth, and from my googling the IP address listed is actually Rogers Cable, but I'm a little wary disabling Norton in case someone is trying to gain access to my computer, and it seems unlikely Norton detected a downloader virus right before my connection slowed down by coincidence.
Any suggestions? Thanks.
I've googled this problem and I haven't found anyone with the exact same problem as me. A lot of solutions to do with Norton and portscanning are from a few years ago and mention using a program called Ewido to find hidden trojans or something, but it does not exist anymore. The thing is the internet connection on other computers is fine (using a router) while this happens, so I don't think it's a virus that's just taking up bandwidth, and from my googling the IP address listed is actually Rogers Cable, but I'm a little wary disabling Norton in case someone is trying to gain access to my computer, and it seems unlikely Norton detected a downloader virus right before my connection slowed down by coincidence.
Any suggestions? Thanks.
More about : norton blocks portscan internet extremely slow
If your cable provider is Rogers... I'd say you have a false positive with Norton and it's blocking legitimate DNS traffic. This is what I got from an nslookup of that adresss.... Norton is fairly good for AV, not exactly good on the IDS / IPS / network traffic side:
Name: dns.rnc.net.cable.rogers.com
Address: 64.71.255.198
I'd run an "ipconfig /all" from your command line, verify your DNS server is set to 64.71.255.198, and assuming it is, disable the blocking of that within Norton.
Name: dns.rnc.net.cable.rogers.com
Address: 64.71.255.198
I'd run an "ipconfig /all" from your command line, verify your DNS server is set to 64.71.255.198, and assuming it is, disable the blocking of that within Norton.
Best solution
Related ressources
- Please help with Norton Antivirus problem - Forum
- Help! My Dell is extremely slow now! - Forum
- Linux Security Guide - Forum
- Low CPU usage but slow Performance - Forum
- Do I need Norton ? - Forum
Related ressources:
- ForumWindows Vista on Notebooks: Why and What Hardware?
- ForumLast Norton Liveupdate Broke Firewall!
- ForumProblems with all Firewalls and AV
- ForumSlow load times
- ForumAssembled, checked 3 times, switched on AND....!
- ForumDo you use HOSTS file ?
- ForumUDP packet being blocked
- ForumComputer loads windows slow .
- ForumEverything very slow in XP
- ForumUpgrading to 8 from OEM 7
- ForumMore Raid 5 Problems
- ForumHelp! computer cannot connect to internet through dlink di-808hv
- ForumPulling DHCP from Cable Modem instead of wireless router
- ForumNetworking and Internet connection
- ForumApplications can't access the internet
- More resources
Read discussions in other Networking categories
!
