Custom Search
Join the PC homebuilding revolution! Read the all-new, FREE 200-page online guide: How to Build Your Own PC!
NOTE: Using robot software to mass-download the site degrades the server and is prohibited. See here for more.
Find The PC Guide helpful? Please consider a donation to The PC Guide Tip Jar. Visa/MC/Paypal accepted.
Results 1 to 5 of 5

Thread: HTTP_ActivePerl_Overflow attacks

  1. #1
    Join Date
    May 2002
    Posts
    141

    HTTP_ActivePerl_Overflow attacks

    I am using Norton's Personal Firewall on a WinXP Home computer. Lately, I have been getting a warning that the firewall has blocked an HTTP_ActivePerl_Overflow attack coming from 127.0.0.1. Norton Antivirus (which is up to date) comes up negative, as does AdAware, and Spybot.

    I get this message several times a day. Any help would be appreciated.

    Thanks.
    Murphy was an optimist

  2. #2
    Join Date
    Aug 2003
    Location
    Northern California
    Posts
    13,429
    Do you have Windows Messenger service turned off? (Not the MSN Messenger)
    If not, messages might not actually be from Norton.

  3. #3
    Join Date
    Feb 2002
    Location
    Somerset, England
    Posts
    2,762

    Re: HTTP_ActivePerl_Overflow attacks

    Originally posted by HewittC4
    ...HTTP_ActivePerl_Overflow attack coming from 127.0.0.1.
    Curiouser and curiouser said Alice!

    127.0.0.1 is the "loopback" address; i.e. your computer. From this message, I would suspect a bug in Norton, or an incorrect setting somewhere.

    That is, unless you are a masochist, and are actually attacking yourself!

    David
    be wary of strong drink - it may make you shoot at tax collectors, and miss!

  4. #4
    Join Date
    May 2002
    Posts
    141
    Windows Messenger is turned off. The Norton Quicklaunch icon gets a flashing red ! to tell me that there is an alert. This is coming from the firewall itself, not from a popup window.

    I know that this is the loopback address. My worry is that the recent Blaster worm had an error in it's programming that made it attack the loopback address. My virus definitions are up to date, and I recently did a fresh install on WinXP.
    Murphy was an optimist

  5. #5
    You may want to read this page at Symantec, take note of the ActivePerl version indicated, and the false positive note.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •