Kaspersky
Solved

Why I keep getting attack at same people and ip address

  • 30 January 2021
  • 7 replies
  • 290 views

Badge

I am a new user of kaspersky. What happen to my computer why I keep getting same people attacking me.
Picture:

 

icon

Best answer by Berny 30 January 2021, 13:33

View original

This topic has been closed for comments

7 replies

Userlevel 7
Badge +9

@rm -rf /* Welcome. Please see this https://threats.kaspersky.com/en/threat/Bruteforce.Generic.RDP/

Also, please disable “Remote access” on your system.

Since Brute Force is being blocked by Kaspersky every time it attacks my computer, why is it still attacking?  What can it gain from continuing to attack?

 

Userlevel 7
Badge +9

@whiskerlady Please submit a Wireshark report to Kaspersky Technical Support 

https://my.kaspersky.com/techsupport#/requests/new 

honestly , this KIS is half as dumb software as i can find… it works but its dumb and stupid...

and the support gives blanket answers that helps no one…

and the online website guide is perfectly useless. 

now PLEASE , I dont need stupid answers and obviously retarded solutions.

the remote access Stay Active because it is Required …. if i do not require it I would have to turn it Off …. 

heres the First Problem

100s of remote access attacks … minutes and even seconds apart from the Same IP address, this has been going on for years , and updates do not fix this problem and there are No efficient  counter measure provided by KIS software >» are you guys [removed by moderation] or what ?

Block Attacking Computer option is Enabled. computer is ADDED for 32768 Minutes.

question 1 : where is the bloody blocked list ? it is, I repeat, it is Not inside manage exclusions like the website says it would be .

Question 2 : Why doesn’t’t it Block ? after say maybe 3 or 4 attempts ? i added 32768 minutes … i get the same IP ADDRESS attacking every 3 to 5 minutes for the entire day… How intuitive is that ?

Question 3 / Feedback :  why cant i manually add a block ip address ?? if i could where is it hidden ?! should it not be a manage list or inside where the manage exclusion is ? , Why Only Manage Exclusion ? why is there No Manage Block IPs ?   better yet why can i set the number of allowed tries, or set a logically simply to understand masking list ? example . i know 23.x.x.x is always attacking .. WHY cant i just block 23.0.0.0 ? How hard is it to [removed]  implement this ? why cant i SET number of repeated attackes before adding the ip to the block list automatically. and yes again where is the Block List ?? 

you kis charges $100s of dollars but gives a software that is almost as secretive to use , guides are hopeless and not to point, and features are stated but missing. wake up the [removed]  idea please… and fix this nonsense..
 

this option 32768  (i just changed to 32767 to see if it works ) has been on since 2 to 3 years ago …  still until today look at the attack times  … Does it look like its’s working to you ? does it look like its doing its job to block   ?? 

NOooooooo, It does Not! … PLEASE fix the damn thing

Userlevel 7
Badge +4

Hello,

Your post was heavily  edited to make it appropriate to the nice, kind, loyal, polite readers of this forum who are just simply

other nice people who use Kaspersky software. We want to help you, for free and for fun.

 

The paid professionals who are equipped to deal with hostile outbursts are located at Tech Support, located at top of this web page. It will be much easier to help you if the emotional tone is reasonably neutral. 

Thank you, Berny, for the link to report the problem.  I did not need to use it.  I simply inactivated remote access and they stopped attacking my computer.  I do remote to a different computer for work, but no one remotes into my computer so that helped.  I suppose if I ever needed someone to remote into my computer I could reactivate remote access, but that probably won’t happen.

i’m sorry i’m just really [removed]  that this feature has been around for years, but nothing has been done to repair it… every day i get complains about this various attacking and the KIS popup say it has been blocked but then the next second it occurs again, and when you look at the report, the same ip has been attacking for hours  … it was never blocked even when the option clearly states to block it. 

then you look to online guides for answers, and there is many different versions and there are versions that state to add the ip manually. but when you try to follow the instructions to the letter, such feature does not exists. so either the software is broken or the guide is written by some quack.

then you look to forums for answers and all you see are answers to eliminate the problem and but not resolve the underlying feature issues. 

[removed]  off at many aspects.

if i wanted eliminate the problem, i would have simply shut the RDP off. of course i cannot do that because my clients require that access.

imagine wasting hours on end trying to “figure” out the settings only to realize it does not do what you want it to do, heck it does not even do what it states it would do. you pay for a software expecting it to perform, it does not perform and the support solution is to eliminate the source. that is not how support should work.

 

you walk into a store to buy a pen. the pen does not write. you seek answers and the next fellow tells you not to use a pen. tell me honestly that would not [removed]