"A remote system is attempting to access your computer

15 Nov 2005
Reaction score
Cook Islands
I installed a new version of Norton Internet Security a few days ago. I uninstalled the existing (free issue) version first. The version I have installed is N.I.S. 2005 (unused sealed pack cost me £5.49 inc on fleabay)

I am getting quite a few messages popping up saying "A remote system is attempting to access your computer".

Norton recommends that I always allow.

I am on Broadband and have a fixed IP address.

I am inclined to "always Block" these inquisitive sites.

Is there any reason why I shouldn't?
Sponsored Links
Can you not look at the sites that are trying to look at your pc?
A site wouldn't be trying to access your computer - if you mean a website. It could any manner of things and if Norton defaults to saying allow - then it might be a reply in response to an outgoing request.

Can you detail the exact messages? It could be random sweeps from nare-do-wells looking for vunerabilities - or it could be a valid response from an activity you are performing (visiting website, msn chat, email etc).

Also - just to confirm, it's asking for confirmation about an INCOMING request and not an OUTGOING one? Outgoing requeses are normally what you are in the middle of doing - the check is there in case there's something nefarious running on your PC.
Yes, I can confirm that the message says:

Program Control
Medium Risk
A Remote system is attempting to access your computer

(example data:
Time 12:10
Date 21/11/2006
Protocol: UDP (Inbound)
Remote address: : 20048)

The next one was for : 13765

Unfortunately I cannot select and copy the address so I can easily paste it into a browser.

( had a look on http://ws.arin.net/cgi-bin/whois.pl and found that the first one is RIPE and the second one is
OrgName: Shaw Communications Inc.
Address: Suite 800
Address: 630 - 3rd Ave. SW
City: Calgary
StateProv: AB
PostalCode: T2P-4L4
Country: CA
Sponsored Links
Don't be worried about background noise - there can be a lot of traffic generated by folks trying to connect to mistyped addresses, trying to connect to a machine that had previously been assigned that IP address etc. Basically, unless it tallies with something your doing, block it and dont worry about it unless it repeatedly happens.

the clue is to look for the port numbers and the protocol. In this case it's port numbers 20048 and 13765 both using UDP protocol.

You can google these ports and they look like on-line gaming ports (one called "America's Army"). Port numbers below 1000 are more basic network systems -eg, tcp 80 = web, tcp 25 = sending mail. Higher ones are more likely connections trying to connect back to a client = eg, 1864 is msn messenger etc.

One of the reason's you're being hit with this is because you are probably using a broadband modem so the broadband connection terminates directly on your machine. If you use a broadband router instead, you'll see less of these (an analogy is that when using a modem, it's like having regular phone and folks randomly dialling you - but using a router is like having an intermediate switchboard, so you don't get hit directly).