Posted on Apr 05, 2009
Alert msg from Symantec Endpoint Protection MS RPCSS attack

I am getting alert messages frequently as given below
Traffic from IP address 117.195.10.137 is blocked from 4/4/2009 10:38:50 PM to 4/4/2008 10:48:50 PM
[SID: 20386] MS RPCSS Attack (2) detected.
or [SID:20648] MS RPC Network DDE BO detected
The IP address is different every time

I am using Windows XP Service Pack 3
Symantec Endpoint Protection 11

1 Answer

Anonymous

  • Expert 227 Answers
  • Posted on Apr 05, 2009
So let's just clarify what this is.

The Intrusion Prevention Engine in SEP is detecting network-based attack traffic for a Microsoft vulnerability - this will correspond to a security patch from Microsoft.

Whether you want to blindly ignore it is your choice, but you should at least confirm it is EITHER a false positive OR that your machines are patched against the vulnerability BEFORE you simply allow the traffic and potentially put yourself at risk.

Think about it: do you know what machine the attack is coming from - is it on your network (it looks like it is), is it running SEP, is it patched, etc.
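
One way to work out where the blocked traffic comes from using the alerts themselves, as an added example that is not part of the original answer: the script parses alerts in the format quoted in the question and lists internal (private-range) sources, which point at a machine on your own network that needs scanning and patching, ahead of external ones. The alert lines are constructed sample data, and 10.0.0.23 is a made-up address.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample alerts in the format quoted in the question.
# 10.0.0.23 is a made-up internal host; timestamps are illustrative.
SAMPLE = """\
Traffic from IP address 117.195.10.137 is blocked from 4/4/2009 10:38:50 PM to 4/4/2009 10:48:50 PM
[SID: 20386] MS RPCSS Attack (2) detected.
Traffic from IP address 10.0.0.23 is blocked from 4/4/2009 11:02:10 PM to 4/4/2009 11:12:10 PM
[SID:20648] MS RPC Network DDE BO detected
Traffic from IP address 10.0.0.23 is blocked from 4/5/2009 9:15:00 AM to 4/5/2009 9:25:00 AM
[SID: 20386] MS RPCSS Attack (2) detected.
"""

BLOCK_RE = re.compile(r"Traffic from IP address (\S+) is blocked")
SID_RE = re.compile(r"\[SID:\s*(\d+)\]")

def summarize(text):
    """Pair each 'Traffic from IP address' line with the SID line after it."""
    hits = defaultdict(lambda: {"count": 0, "sids": set()})
    current = None
    for line in text.splitlines():
        m = BLOCK_RE.search(line)
        if m:
            try:
                current = ipaddress.ip_address(m.group(1))
            except ValueError:
                current = None  # malformed address: ignore this alert
            continue
        m = SID_RE.search(line)
        if m and current is not None:
            hits[current]["count"] += 1
            hits[current]["sids"].add(int(m.group(1)))
            current = None
    return hits

def triage(text):
    """Return (ip, scope, alert_count, sids) rows, internal sources first."""
    rows = []
    for ip, h in summarize(text).items():
        scope = "internal" if ip.is_private else "external"
        rows.append((str(ip), scope, h["count"], sorted(h["sids"])))
    return sorted(rows, key=lambda r: (r[1] != "internal", -r[2]))

if __name__ == "__main__":
    for ip, scope, count, sids in triage(SAMPLE):
        print(f"{ip:<16} {scope:<8} alerts={count} SIDs={sids}")
```

An internal source is a host to isolate, scan and patch; an external source that changes every time is typically Internet background scanning that a perimeter firewall or NAT router would drop before it reaches the endpoint.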

Related Questions:

0helpful
1answer

Hi, I repeatedly get these messages from anti-virus software (BitDefender): "Portscan attempt blocked. From (a changing IP address). You are protected." I recently disconnected a router and I'm...

> I recently disconnected a router, and now ... plugged directly into the modem.

The router was "silently" blocking all the "unsolicited" traffic, including "port-scan" traffic from computer-hackers.

Now, that traffic is reaching your computer, and BitDefender is just "verbosely" telling you that it is blocking that traffic.

> is this something to worry about

Yes, but you have to "trust" that BitDefender is blocking 100% of such "unsolicited" traffic.

> how can I stop this?

Trace the IP-addresses of the "attackers", find contact-information for their Internet Service Providers, and get the "malicious" attacker disconnected from the Internet.

Or, just tell BitDefender to be "less-verbose".

0helpful
2answers

My grandkids have gone to sites, now I get a message that someone or something is trying to attack my computer but Norton 360 blocked it. My question is I have bought another Dell desktop PC and want to put...

Hi,

You don't have to worry about the attack being transferred to the new computer because they will both have a different IP address.

Providing you protect your computer with a good antivirus software like you are already using then you should be fine although no computer is 100% safe from attacks and viruses.

Norton 360 provides decent internet security plus some attacks are dependent on the site you visit. It's all about being vigilant and protecting your computer the best you can.

Regards.
0helpful
1answer

Messages from Symantec Endpoint Protection about net SID problems

Hi,

A simple search by entering the SID in Google would have answered this for you. However, I am glad to help point you in the right direction. Follow this link and check out the information. I believe this will answer your questions.
http://www.symantec.com/connect/forums/sid-20386-ms-rpcss-attack-2-detected-help-please

Brian
1helpful
1answer

I have been getting Symantec Endpoint msgs that traffic has been blocked due to detection of attack - 2 types - 1. MS RPC network DDE BO and 2. MS RPCSS Attack(2) detected; The recent msgs are the...

It is good that Symantec, that is Norton, is protecting your computer. But still, I would suggest you download and run Malwarebytes to scan the computer.
Use the following link: www.malwarebytes.com
Also, turn on the Windows Firewall.
http://support.microsoft.com/kb/283673

0helpful
2answers

Linux server

Please refer to the Linux Administrator guide. The process is not writable in short space. Please add more dependencies like hardware etc.
0helpful
1answer

How To Make a DMZ

A router normally stops incoming Internet traffic from getting on your network, unless the traffic is in response to one of your computers or when using port forwarding. But instead of discarding the incoming traffic or using port forwarding, you can send incoming traffic to one computer on your network by establishing a "Default DMZ Server". (DMZ = humorous reference to "Demilitarized Zone".) This avoids you having to figure out what ports an Internet application wants, by throwing all ports open for that computer.

For regular network operation, NETGEAR recommends you do not use a DMZ. A computer with DMZ loses firewall protection, and is exposed to exploits from the Internet. If compromised, your own computer can attack the rest of your network. Instead of DMZ, use port forwarding, as described in How is Port Forwarding Configured?

However, the DMZ server feature is helpful:

* When you have a problem connecting to an Internet service. Setting up a DMZ will determine whether a closed port is responsible for the problem.
* With some online games and videoconferencing applications that are incompatible with NAT.

Follow the procedure under your router model to create a DMZ.

To Create a DMZ for RP614, MR814, FVS318, FVM318, WGR614

1. Open a Web browser, and type the router's IP address (The router's default IP address is 192.168.0.1). Click Go.
2. Enter the username and password for the router (Default username is admin and password is password).
3. From the browser Main Menu select Advanced > Security. Some routers, such as the MR814, use the WAN Setup Options page instead.
4. Enter the server's IP address.
5. Click Apply.

To Create a DMZ for FR114P, FR114W, FM114P, FR328S, FVL328

1. Open a Web browser, and type the router's IP address (The router's default IP address is 192.168.0.1). Click Go.
2. Enter the router's username and password (Default username is admin and password is password).
3. From the browser Main Menu select Advanced > Security.
4. Click Rules.
5. Check the box for Default DMZ Server, and enter the server's IP address in the corresponding box for the IP Address.
6. Click Apply.

To Create a DMZ for RH340, RH348, RT328, RT338, RT311, RT314, RP114, RO318, MR314, DG814

* Going through the GUI and going to Port Forward in the left menu bar.
* For RM356: Going through telnet and from the main menu go to menu #15.

1. Open a Web browser, and type the router's IP address (The router's default IP address is 192.168.0.1). Click Go.
2. Enter the router's username and password (Default username admin, password 1234).
3. From the Main Menu of the browser interface, under Advanced, click Port Forwarding to view the port forwarding menu.
4. Enter the IP address of the DMZ server in the corresponding Server IP Address box.
5. Click Apply at the bottom of the menu.