October 02, 2006
Google AdSense triggers intrusion attempt alert in Norton Internet Security
Norton Internet Security has long been known to block Google AdSense ads with its default installation of the popular virus protection program that blocks advertising by default. But now, Norton Internet Security is triggering medium risk intrusion attempt alerts, even with ad blocking turned off.
With Norton Internet Security updated, a user would see this warning alert appear.
Note that there is no option for turning this off, or "allowing" this intrusion attempt to occur.
The intrusion alert reports the intruder as pagead2.googlesyndication.com, the server used by Google AdSense to serve AdSense ads. It also notes the IP address is 220.127.116.11, which their IP lookup traces back to google.com.
So what is so dangerous that it is causing this intrusion alert warning?
On the upside, regular AdSense ads are no longer blocked with Norton Internet Security with the ad blocking feature turned on, unless one of the ads in question has a destination URL that matches one of the directories or URLs in the ad blocking filter list. However, in those cases, just the individual ad is blocked, not the entire ad unit itself.
If it is a video ad being displayed, however, Symantec ad blocking will block it as an attempted intrusion attempt with the popup warning. And the unfortunate side effect of what Symantec is doing is that it gives users - particularly those who aren't as web-savvy as AdSense publishers - the impression that it is the website they are visiting that is doing something evil and attempting the intrusion, not a third-party ad that is on the site they are visiting.
It seems to be only with a recent update that Norton Internet Security began blocking video ads with this intrusion attempt alert. While the video ads have been out for several months, it is only recently that these alerts began appearing to users viewing pages with AdSense video ads. However, AdSense could have changed something on there end in how these ads are shown within the iframe that is now resulting in these intrusion attempt alerts. If this is the case, hopefully AdSense will revert back once aware of the problem. If it is solely Symantec who is to blame, hopefully Google and Symantec can come to an arrangement where a future Norton Internet Security update will allow Google video ads to display without causing these alerts.
Posted by Jenstar at October 2, 2006 02:39 AM
Go figure...NIS blocking things it doesn't need to block.
I doubt we're going to see any agreement or arrangement any time soon. NIS is an "aggressive Internet filter", meaning it nails things that are totally innocuous.
Personally, any time I see it on someone's machine, I usually just uninstall it. I've done this 10 times now, and it's solved problems...10 times.
Anyway, good post. I wasn't aware of this personally, but it comes as no surprise.
Posted by: Adam Senour at October 3, 2006 10:18 AM
Symantec is tortiously interfering with legitimate business operations. In this case, Google's, the advertiser's and the publisher's.
Posted by: Sheryl at October 6, 2006 03:28 PM