# Norton Internet Security Log: got Attacked?



## AlwzHijacked (Aug 31, 2005)

I am just waking up to this internet security/firewall concept after I couldn't access a few favorite sites for a few hours. Things are back to normal now, but i've made it a habit of going into my Norton Internet Security Logs to look for any suspicious entries.

In the Firewall category, I sometimes see the following entry (ip address differs each time - they get traced to locations in US and Korea). I'm just wondering, are these entries normal and do they pose any real threat to my computer? I tried clicking on the link below http://securityresponse.symantec.com/avcenter/nis_ids/ but this does not pinpoint the type of attack or what it means.

Is someone familiar with this? Any help would be appreciated.

Thanks.

Details: Unused port blocking has blocked communications
Inbound TCP connection
Remote address,local service is (216.70.253.23,4899)

Click on the address to trace the attacker 
You can get detailed information about this attack at Symantec Security Response


----------

