IANA wants in

hey all

So I have norton int. sec. and I have it cranked up so I get no cookies and scrips and stuff is set down. I always get message that remote comp. is trying to access which the ip says its IANA. I always just block it but its constant and getting pretty annoying. Is it safe to let them pass? Would anybody be able to get their ip and try to access my comp.? Is it bad that I don't let them access my comp.? any info is much appreciated.

thanks

 

Do you have a sample log entry you could post?

You can disable the pop-up alerts if you find them annoying.

If you are not sure what the prompt is for you are better off to deny first, look into it further and then decide.

Regards,

CrazyM

 

hi M

thanks for reply! well, i have a reason or two i want to keep a VERY close eye on everything that happens to my comp. esp. online. but im just getti n confused and confused! and more confused! just too much i should just give up trying to keep myu privacy. i was though, wondering.. what do those IANA ppl do? do you know why rthey would want to reach me? or its not neccesarily the organization itself thats trying to reach me?

 

Knock Knock

Whose there?

Iana

Iana who?

I a na going to tell you.

 

here is the copy of the log i got from NIS.. xxxx being my comp. name... ? this (actually the 3rd one) came in the moment i logged in and the the other two just followed as soon as i say block. and i get throught out the entire time im on the net. the ip is not always the same, sometimes it's not IANA ip but i get theirs alot, and yes i use auto ip whois thing..

thanks for your help but im getting paranoid but i just cant take a chance to let my guard down, if you know what i mean..

This one time, the user has chosen to "block" communications.
Inbound UDP packet.
Local address,service is (localhost,1040).
Remote address,service is (XXXX(192.168.1.126),1040).
Process name is "N/A".

This one time, the user has chosen to "block" communications.
Inbound UDP packet.
Local address,service is (255.255.255.255,bootps(67)).
Remote address,service is (XXXX(192.168.1.126),bootpc(6).
Process name is "N/A".

This one time, the user has chosen to "block" communications.
Inbound UDP packet.
Local address,service is (localhost,1035).
Remote address,service is (XXXX(192.168.1.126),1035).
Process name is "N/A".

 

and i just blocked the whole netrange but i still get it.. is it coming from myself?

 

Have you changed any of the default System rules? In particular the Loopback and DHCP rules.

Regards,

CrazyM

 

no i have not since i installed it.. i have reinstalled my whole system over 10 times within the month and i am starting to give up but i really dont want to. but im afraid if i start changing things because i dont know crap i might mess it up and screw it beyond my capacity to fix and end up reinstalling the whole thing again x(

 

Just curious why you would be seeing those events with the default rules. They are nothing to worry about. Are you using the Trusted Zone for your LAN subnet?

Is the firewall set to high and have you checked if "Alert when unused ports are accessed" is disabled which will reduce the pop-ups and just block and log.

Regards,

CrazyM

 

oh, oh, yea.. sorry i did change those settings i just havent change any of the specific protocol rules.. well like i said, and i tried to explain in 'privacy software: jap/tor effective against specific attacker?' i am pretty paranoid and i want to know what happens around here..