Installed update from cis updater. everything seems to be working fine except I have 180 blocked intrusions in one week and half the time it’s been asleep ( my laptop that is), when I look to see what has been blocked it just says “windows operating system”
windows vista X32 SP1 no other security except windows defender.
Conny
Could you be a bit more specific please? Is it UDP (or TCP) and what ports are involved 
sometimes UDP sometimes TCP various different ports, the only constant is the destination IP; 70.192.25.210 , 70.192.13.19 , 70.192.193.84 . In all 204 intrutions those are the only destination IPs.
Firewall is set to safe mode.
The addresses are unfamiliar to me, but they all come from the “myvzw.com” site. Not sure what this is, but the specific port numbers involved would be interesting to know about. Could you reply with the numbers in addition to the protocol used please?
Also, do you know if it’s your computer that’s initiating the connection? Are you the source or destination
Has something to do with “My Verizon wireless”
That explains a bit
Neither of the addresses gave any site replies, although they could all be pinged. One even forwarded me to the Mobile - Live website. Benign DHCP or web-browsing traffic perhaps?
I don’t know what’s initiating it and CIS doesn’t tell me what’s being blocked, just says windows operating system. My internet provider is verizon wireless. Here is a screen shot.
[attachment deleted by admin]
Do you move around a lot, or get your laptop address renewed often?
It could be a portscan of your network in progress, or a safetyscan by your provider. Some are proxy addresses (8000-8080), some are DNS(53) and FTP(21) but most are random it seems. It could also be a genuine intrusion attempt by someone else in the same segment as yours that has been infected by malicious code. You could try to “stealth” your laptop and see if the results improve, but it seems as your firewall is doing it’s job. Which is to prevent intrusions
To “stealth” your laptop, there’s a Stealth Port Wizard in the Firewall section. Give it a go and see if it improves your situation.
Wow, I saw your screen shot. That’s alot of different addresses and ports. But if indeed it’s something to do with verison, which I don’t use, than maybe their telephone system stuff?
This week I also had alot of “intrusion attempts” by the Windows OS ( so generic ain’t it?). To solve this, I finally remembered I had unmarked the checkbox of “Trust the applications digitally signed by Trusted Software Vendors” in the Defense+ Settings. After I rechecked it I was ok. My “intrusions” were all loopback attempts that would occur during A/V updates, I think. But your’s look different than that, unless it’s a phone modem type of thing, maybe?
Maybe, since you now have upgraded to 3.8 (which is what I just did too before my prob) you need to add a trusted vendor to the list of “My Trusted Software Vendors” , it’s easily found under the Defense+ tab. Think about what software you use and need and see if they are there.
Now I have a question for you. When you were at your computer when you could watch these intrusion numbers climbing, did you get any pop-up alerts?
Just be careful when adding or removing items from the list. There is a current bug that if changes are made to the list, CIS prompts you that an update is available. Updating reinstalls the default list. So if you add or remove a vendor from the list, don’t run the update or your changes will be reverted.
I have the same problem ,started after the update to v3.8 (never had this with v3.5) .
Yesterday i did a clean insatll of Vista , i installed Opera, Avira Premium and CIS (Firewall and D+) .And it started again ???
I wouldn’t characterize it as a problem though. But I suspect CIS has gotten more potent at discovering and preventing intrusion attempts
[quote author=Sandwater link=topic=36094.msg265798#msg265798 date=1238736159]
Wow, I saw your screen shot. That’s alot of different addresses and ports. But if indeed it’s something to do with verison, which I don’t use, than maybe their telephone system stuff?
This week I also had alot of “intrusion attempts” by the Windows OS ( so generic ain’t it?). To solve this, I finally remembered I had unmarked the checkbox of “Trust the applications digitally signed by Trusted Software Vendors” in the Defense+ Settings. After I rechecked it I was ok. My “intrusions” were all loopback attempts that would occur during A/V updates, I think. But your’s look different than that, unless it’s a phone modem type of thing, maybe?
Maybe, since you now have upgraded to 3.8 (which is what I just did too before my prob) you need to add a trusted vendor to the list of “My Trusted Software Vendors” , it’s easily found under the Defense+ tab. Think about what software you use and need and see if they are there.
Now I have a question for you. When you were at your computer when you could watch these intrusion numbers climbing, did you get any pop-up alerts?
To answer your question no pop up alerts were noticed.
I don’t move around at all, but my wife and I share the USB internet connection. But all those intrutions came from one session. My intrusion count is now in the 5000 range.