Question about SonicWALL PRO 230 Firewall

1 Answer

Sonicwall firewall has trojan attack.

If we browse any URL outside of server it shows virus attack but if we browse the same URL through server it does not show any virus though both side has same antivirus.
We have deployed firewall behind switch and all servers and also we have scanned all servers but could not found any attack.

Also it shows the attack only when URL is browsed at port 80.
Please can you give us solution as this is SOS situation.

Posted by on

  • oriensoft Jun 03, 2008

    I'll explain my architecture and my issue exactly.

    We have sonicwall 3060 firewall and then 1 switch and then more than 10 servers attached to it.

    When we browse any website hosted on those servers from outside of server we get virus warning and if we check the page source we find the "iframe" line added but same page if we check from server or even the code of that page we could not able to find the that iframe line.

    We have scanned the servers with 4 different antivirus but could not find anything.

    The strange thing is that only if we browse website on 80 port it given trojan warning but if we use any other port we could not get any virus warning.


×

1 Answer

  • Level 2:

    An expert who has achieved level 2 by getting 100 points

    All-Star:

    An expert that got 10 achievements.

    MVP:

    An expert that got 5 achievements.

    Mentor:

    An expert who has written 3 tips or uploaded 2 video tips.

  • Expert
  • 262 Answers

What kind of fire wall and anti virus are you useing ? I have found that the best you can find is AVG. 8.0 if you use it and the Windows Denfender together they are the best,AVG can find all trojans downloaders loops lops and any kind of worms imagen,alot of viruses we have cleaned seem to hide behind the windows files themselves,as you corner them they will pop up. Where as if the mcfee and norton are constally dormit they don't seem catch all the new viruses,try switching for an instant,and Avg will pretty much corner any kind of viruses you have and send me the out come of what is happened please thank you lala linda

Posted on Jun 03, 2008

1 Suggested Answer

6ya6ya
  • 2 Answers

SOURCE: I have freestanding Series 8 dishwasher. Lately during the filling cycle water hammer is occurring. How can this be resolved

Hi,
a 6ya expert can help you resolve that issue over the phone in a minute or two.
best thing about this new service is that you are never placed on hold and get to talk to real repairmen in the US.
the service is completely free and covers almost anything you can think of (from cars to computers, handyman, and even drones).
click here to download the app (for users in the US for now) and get all the help you need.
goodluck!

Posted on Jan 02, 2017

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

1 Answer

Hack the sonic wall


Hacking is a broad term and there are many attack vectors which you can use. If you do not truly understand that then you will not be cracking a firewall. You need a method of attack, recon it and search the vulnerabilities.

Feb 17, 2014 | SonicWALL Computers & Internet

Tip

Prevent Your PC from Getting Hacked


Here , we will see how to prevent PC's from getting hacked : Most people think that hackers are only a problem for servers. This is not true. If your Windows PC is not properly configured, everything on your computer can easily be stolen or destroyed by hackers. Our network architecture is inherently hacker-resistant. However, because your PCs are directly connected to the Internet, hackers can bypass our servers and attack your PCs directly. Our firewall will help to some extent, but you must follow basic precautions if you want your data to be safe. Viruses: It is impossible for the servers to get computer viruses, because they run Unix, which cannot be infected by viruses. A virus must be executed before it can infect a computer. On Windows, programs like Internet Explorer and Outlook often execute files without your knowledge, which is what causes most virus infections. However, these files (or any Windows program) cannot be executed on the server. Some Windows viruses put copies of themselves on the server's shared disks. To the server, these are just ordinary files. The server is set up to periodically delete them to save space. They are not a problem unless you click on them. Clicking is the root of all evil. Here are some basic precautions to protect against hackers.
  1. Goto windowsupdate.microsoft.com at least once a week and install all critical patches.
  2. Run an antivirus program at least once a week. Update your virus signature files every time you use it.
  3. Use a firewall such as Zone Alarm. (Some firewalls have had major security problems. Be sure you have the latest update)
  4. Check your computer for trojans by clicking on: http://security.symantec.com http://www.trojanscan.com
  5. Don't click on email attachments.
  6. Don't install Napster, Kazaa, ChainCast, or any software from an unknown source. The former will turn your computer into a server and the latter may contain trojans and viruses.
  7. Turn off sharing, especially on your C:\ and D:\ drive. This is very dangerous! If you must share a disk, make sure it requires a password. Otherwise, anyone in the Internet can use your computer to back up their files without your knowledge. Never share any folder without a password.
  8. Put a good password on your PC. If you have a password on your PC that is easy to guess, your computer can be easily taken over by hackers.
    A bad password would be things like 'password', '12345', your name, license plate number, or any word that could be found in an English dictionary or a dictionary in your native language.
  9. Report any network slowness or strange computer behavior so it can be checked by me (if it's a network problem) or Brad (if it's a Windows or Mac problem).
  10. Windows PCs with static IP numbers are especially easy targets. You should always set "Obtain an IP address automatically" in Windows unless you are running a server and you are knowledgeable in computer security.

Here are some more tips:
  1. Please give your computer a sensible name. If we can't find your computer when it causes a problem, the only way to fix it is by unplugging it from the network.
  2. Don't store files in the /tmp directory on the servers (engram or protein). They are not safe there! If someone else gets a virus, their computer can put copies of the virus on the shared disk, mixed in with your files. The server cannot be infected by these viruses, but your PC could. Keep your backups in your home directory where they are safe and private.
  3. If you use Windows 2000 or NT, activate auditing of all system events, especially failures. This will you help discover how the hacker obtained access. Without this knowledge, it will be difficult to know what to change when you reinstall your operating system. Be sure to scan through the logs occasionally for unusual activity.
  4. Avoid executable content in web pages and email. Disable ActiveX. You can check your Internet Explorer installation for Active X security problems at this web site: http://www.tiac.net/users/smiths/acctroj/axcheck.htm
  5. Disable automatic execution of Macros in Office programs (Word, Excel, etc).
  6. Use SSH in preference to telnet. You can replace it with the freeware TeraTerm client with the SSH plugin.
  7. Unbind the unneeded network settings in Windows. This is easy to do, and will greatly increase your security. Follow the instructions at http://grc.com/su-rebinding9x.htm
  8. If a hacker gets on your computer, or you discover a trojan on your computer and suspect it is being actively exploited, unplug it from the network immediately and ask for assistance. Don't delete any files. We may need to check them to find out how the attacker got into your system.
  9. If your computer has been compromised by a trojan or an intruder, it cannot be repaired by removing the foreign software. There are dozens of different ways for a hacker to regain access, despite our firewall, that are impossible for any scanning software to find. The only way to repair your computer is to reformat your disk and reinstall the operating system. Until you do this, your computer is a threat to every one else's computer.
If you don't follow these guidelines, we won't nag you to change, but sooner or later your computer will be trashed by a hacker, trojan, or virus. Some people have already discovered this the hard way.

on Jun 27, 2010 | Computers & Internet

1 Answer

Question: I have a sonicwall CDP 1440i. Does it hold a firewall for my server as well serve as a back up device? or do I need an additional external firewall to support the windows operating system?


It will act as a firewall for essentially anything that is "behind" it. As long as your server and PC are connected to it (or a switch/hub that is connected to it) it will act as the firewall.

You don't need anything additional to support your windows machine.

Feb 28, 2011 | SonicWALL CDP 1440i (01SSC6300) Firewall

1 Answer

Cofiguring sonicwall TZ190 to block all trojans and viruses


Hi,
The"svchost.exe" is a normall windows system files.
It does not cause any harm to your pc.
It's only a running process.
Regards
Uttam

Feb 19, 2010 | SonicWALL TZ170 (01-ssc-5740) Firewall

1 Answer

How to routing router static ip address and local


Use the Sonicwall configuration wizard..

Please find below is to configure what ever you want.

Setup Wizard - This wizard will help you quickly configure the SonicWALL to secure your Internet connection. Once completed, you can use the SonicWALL Web Management Interface for additional configuration.

Registration & License Wizard - This wizard will help you register you and your firewall with mysonicwall.com and obtain licenses for additional Security Services features.

PortShield Interface Wizard - Segment and configure the integrated managed LAN switch of the SonicWALL.

Public Server Wizard - Quickly configure your SonicWALL to provide public access to an internal server.

VPN Wizard - Create a new site-to-site VPN Policy or configure the WAN GroupVPN to accept connections from the SonicWALL Global VPN Client
Thanks
..

Apr 22, 2009 | SonicWALL TZ170 (01-ssc-5740) Firewall

1 Answer

Trojan attack


well i recommend you install a good firewall and antivirus software (also called interned security suite) update it, scan and disinfect your system, this should solve your problem, just remember to keep the antivirus and firewall updated always...

check this out
http://personal-firewall-software-review.toptenreviews.com/

and this

http://anti-virus-software-review.toptenreviews.com/


safe browsing :)

Mar 24, 2009 | HP Pavilion dv6000z Notebook

1 Answer

Google site problem in Network


check in your firewall security settings.
that blook gmail .

Nov 29, 2008 | Sonicwall PRO 3060 NFR (01-ssc-5378)...

1 Answer

I got an virus shutting down the computer while trying to download. I suppose it is Trojan attack. assist me to remove this virus


boot the computer without internet and activate ur firewall

and run antivirus scan

rate this post

Aug 19, 2008 | NEC Computers & Internet

1 Answer

Sonicwall Firewall Pro2040 Boot Issue


If you do not see connection lights, you might be connecting the Sonicwall directly to a computer, instead of to a switch.

Try using a crossover cable, or try plugging the Sonicwall and your computer both into a network switch.

Jun 08, 2008 | Computers & Internet

Not finding what you are looking for?
SonicWALL PRO 230 Firewall Logo

Related Topics:

131 people viewed this question

Ask a Question

Usually answered in minutes!

Top SonicWALL Computers & Internet Experts

Raymond Ramirez
Raymond Ramirez

Level 2 Expert

331 Answers

Frank Zabroski
Frank Zabroski

Level 2 Expert

268 Answers

stephen
stephen

Level 1 Expert

30 Answers

Are you a SonicWALL Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...