I need a solution
IP S Alert Name: Web Attack: Blackhole Toolkit website 21
Attacking computer : 116.203.96.89, 64006
Attacker URL : www.mandalay.longmusic.com/main.php?page=588ec4e4ea3b00d8
Source Address: 116.203.96.89
Trafic Description: TCP, Port 64006
Category : Firewall - Network and connections
1)IP address has disappeared from adapter mts internet and is no longer being protected (IP address:.......)
2)IP address has disappeared from adapter Microsoft 6to4 Adapter and is no longer being protected (IP address:.......)
This happened whilst browsing and the attack was resulted from - within the Apple Safari Browser's Webkit2webprocess.exe
As A RESULT NORTON 360 IS SHOWING THIS HAS BEEN DONE, BUT I HAVE NOT DONE ANY CHANGES MYSELF TO THE FIREWALL RULES. YET IT
IS SHOWING THE FOLLOWING....PLEASE ADVICE....
Program Name: Local Security Authority Process
Program Path: C:\Windows\System32\lsass.exe
Default Action: No Action Required
Action TakenL: User Configured rules
Local Computer: 0.0.0.0,49154
Trafic Description: Inbound Tcp, port 49154
Details: You created firewall rules to manage how Local Security Authority Process accesses your network resources.
Program Name: Local Security Authority Process
Program Path: C:\Windows\System32\lsass.exe
Default Action: No Action Required
Action Taken: ALLOW
Local Computer: ::0,49154
Trafic Description: Inbound Tcp, port 49154
Details: You ALLOWED Local Security Authority Process TO access your network resources.
HERE, IDID NOT ASK OR ALLOW THE COMPUTER TO ACCESS ANY NETWORK RESOURCES. HOW COME IT IS SHOWING IT IS ALLOWING ACCESS.
PLEASE ADVICE.....ASAP......WOULD APPRECIATE THE EARLY REPLY,THANKS.
SUNIL