Google AdSense triggers intrusion attempt alert in Norton Internet Security

Norton Internet Security has long been known to block Google AdSense ads with its default installation of the popular virus protection program that blocks advertising by default. But now, Norton Internet Security is triggering medium risk intrusion attempt alerts, even with ad blocking turned off.

With Norton Internet Security updated, a user would see this warning alert appear.

Note that there is no option for turning this off, or “allowing” this intrusion attempt to occur.

The intrusion alert reports the intruder as, the server used by Google AdSense to serve AdSense ads. It also notes the IP address is, which their IP lookup traces back to

So what is so dangerous that it is causing this intrusion alert warning?


Yes, it is a standard Google AdSense video ad that triggered the medium risk intrusion alert. These are the video ads served by regular AdSense javascript, either with images enabled in the account or within the AdSense control panel. So if you have image ads enabled, your visitors might see this intrusion attempt alert if Google serves a Google AdSense video ad to a user who has Norton Internet Security installed on their computer. And the ad just has to be displayed, a visitor would not even get the chance to play the video ad before the intrusion attempt alert is displayed.

On the upside, regular AdSense ads are no longer blocked with Norton Internet Security with the ad blocking feature turned on, unless one of the ads in question has a destination URL that matches one of the directories or URLs in the ad blocking filter list. However, in those cases, just the individual ad is blocked, not the entire ad unit itself.

If it is a video ad being displayed, however, Symantec ad blocking will block it as an attempted intrusion attempt with the popup warning. And the unfortunate side effect of what Symantec is doing is that it gives users – particularly those who aren’t as web-savvy as AdSense publishers – the impression that it is the website they are visiting that is doing something evil and attempting the intrusion, not a third-party ad that is on the site they are visiting.

It is also worth noting that this alert is triggered by video ads appearing through the regular AdSense javascript used by regular publishers. It is not a problem only affecting premium publishers or publishers utilizing some of the special AdSense video ad beta tests.

It seems to be only with a recent update that Norton Internet Security began blocking video ads with this intrusion attempt alert. While the video ads have been out for several months, it is only recently that these alerts began appearing to users viewing pages with AdSense video ads. However, AdSense could have changed something on there end in how these ads are shown within the iframe that is now resulting in these intrusion attempt alerts. If this is the case, hopefully AdSense will revert back once aware of the problem. If it is solely Symantec who is to blame, hopefully Google and Symantec can come to an arrangement where a future Norton Internet Security update will allow Google video ads to display without causing these alerts.

Share this with others!
  • Twitter
  • Digg
  • Sphinn
  • StumbleUpon
  • Reddit
  • Technorati
  • Mixx
  • Google Bookmarks
  • Facebook

2 comments to Google AdSense triggers intrusion attempt alert in Norton Internet Security

  • Go figure…NIS blocking things it doesn’t need to block.

    I doubt we’re going to see any agreement or arrangement any time soon. NIS is an “aggressive Internet filter”, meaning it nails things that are totally innocuous.

    Personally, any time I see it on someone’s machine, I usually just uninstall it. I’ve done this 10 times now, and it’s solved problems…10 times.

    Anyway, good post. I wasn’t aware of this personally, but it comes as no surprise.

  • Norton Internet Security is the bane of the Internet. On my brand new laptop, pre-installed with NIS, I was unable to log into a site where I get daily reporting on a private affiliate relationship I have. After spending hours trying to determine what the problem could be, it was finally determined that NIS was blocking the cookie that sets in javascript. Once disabled, everything worked just fine. I’d love to see Google sue Symantec over this issue.

    Symantec is tortiously interfering with legitimate business operations. In this case, Google’s, the advertiser’s and the publisher’s.

Leave a Reply




You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>