• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

This forum thread needs a solution.
Kudos0

Firewall rules regarding remote access

Yesterday or day before, I noticed that my computer had joined a Bluetooth network and proceeded to link up with 2 or 3 IP addresses attached with citigroup (or so I believed that day) because I looked up 169.254.101.224 and 169.254.249.245 on www.ipaddress.com and it showed citigroup at the bottom associated with it.  Well now, when I write this topic I did a quick double check on www.ipaddress.com and now US State Department is at the bottom of text associated somehow with those IP's.  

I looked up citigroup recently after this happened and apparently they had server issues. So I was wondering if hackers had taken over my computer despite my Norton security, firewall and used it to attack citigroup along with others to overwhelm it.

So, I now wonder if maybe with the www.ipaddress.com associated with those ip addresses means that the state department is going to get hit next? 

Me looking into this made me change my firewall rules on windows remote management access. I've now placed a rule blocking all traffic involving remote management by all protocols in both directions.  I've also disabled my Bluetooth driver. I hope this helps to prevent my computer being used in this way again.  Perhaps Norton should beef up it's firewall to more easily allow people to disable remote access in a rule closer to the top of it's list.

It's nice now to see a history of how many people have tried to get remote access to my computer now, and that they have now been blocked.  I don't know if Norton firewall had prevented it before. Most likely not given the instance I described first above.

Anyone have tips for me regarding keeping my firewall better protected. And what applications I should disable.  I know before I had Norton, I'd get a ton of windows games added to my windows firewall allowed programs approved without my consent. I had a bit of an issue with Skype too, I think even though I never used it.

Replies

Kudos0

Re: Firewall rules regarding remote access

169.254.x.x addresses are assigned by Windows to itself when your computer cannot get an IP address to get online. With an IP address in that range you could not be connected to Citigroup, the State Department, nor anywhere else, as you could not access the internet with that address - your computer would only be able to talk to itself.

https://askleo.com/why_cant_i_connect_with_a_169254xx_ip_address/

Your firewall will block any unsolicited traffic by default. Additonally, there are already traffic rules in the Norton Firewall that will block Remote Management Access.  Remote access is also disabled by default in Windows, but you can check it by going to the settings as explained here:

https://www.howtogeek.com/howto/windows-vista/turn-on-remote-desktop-in-...

I would recommend using the Firewall Reset option in Norton Firewall Settings to revert the firewall to its defaults and leaving it - it is designed to handle these types of situations without user action.

This thread is closed from further comment. Please visit the forum to start a new thread.