Backdoor/SubSeven - Why does this happen?



What's the deal with these Norton security alerts:

Attempt to connect to local computer using the Backdoor/SubSeven Trojan horse blocked.
Protocol: TCP (inbound)

All I can find is a brief description stating that someone is attempting to gain control of my system.

I want to know more.

Does this happen to everyone, or does my new system have some sort of beacon that attracts misfits?
What can be done to prevent these attacks (beyond just blocking them), and where could one report such a crime?


OSNN Advanced
I believe many many people get this message if they use Norton IS (if they check their logs/alerts).
Norton alerts users that someone is scanning their ports to see if there is an open port that will accept a connection from the trojan.
There's nothing to worry about unless you know that your computer is infected with a trojan. If it is, you should seek to remove it ASAP before any damage could be done.


Thank you for the information.

Should I assume that such ports are kept secure by N.I.S. (using the highest setting), or are there further steps that could be taken to ensure this?


Folding Team
Yah, what ming said :cool:
Firstly to ensure this kinda warning doesn't become a threat.
Give your PC a complete Anti-viral scan.
Once it's definitely free from trojans, NIS is doing it's job. It's letting you know that
someone tried to get in through a port, or scanned for a port, but the packets were dropped/refused.

Never open unsolicited emails, or click willy-nilly on attachments unless you know
exactly what you're opening and who it's from.
Keep all defininitions and firewall rules up to date, and you shouldn't be at risk from
trojan activity.

If you wish to look at what ports are open on your system, download activeports from
the NTFS front page. It'll tell you what ports are open what's controlling them, and
offers links to a comprehensive list of known ports, and trojans that utilise the said

I'd also recommend reading the following to get a better scope on PC security in general, and other users personal recommendations...
NTFS Firewall Poll
NTFS Anti-Virus Poll
Enyo's Security Links Thread

Hope this helps ;)


Political User
Since getting broadband it happens all the time to me, mostly always the sub backdoor/sub seven combo but sometimes others.


NTFS Stoner
i used to get that back in the dial up AOhelL days, its was AOL sending there wierd and wonderfull info to see if your still online.


OSNN Advanced
As I have mentioned in earlier threads there is nothing to worry about as long as you are sure your machine has not been infected with the trojan.
If uncertain of this, do find out how to remove it by visiting:

The only thing that is bugging most of you is the alerts that you are getting more than anything. This is true for me, I hate seeing the alert pop up in my face. :p

Members online

No members online now.

Latest posts

Latest profile posts

Hello, is there anybody in there? Just nod if you can hear me ...
What a long strange trip it's been. =)

Forum statistics

Latest member