Web attacks/intrusions?

Norton's AV and antimalware is notorious for false positives. And has been known for that for many years. Back 13 years ago when I was a computer consultant, I always steered my clients away from Norton's when I could. Oh, they were great the first few years they were in business, but eventually the bean counters took over and their software got less and less user friendly as they shifted their focus to huge government contracts and away from individual users.

I finally dumped Windows a couple years ago in favor of Linux so I'm out of the AV knowledge loop now, mostly, but what I'd suggest is a concentrated search effort to see what other people are recommending these days with an eye to replacing Nortons.

Last I remember, MalwareBytes was the best out there, with fewer false positives.

What specific threat is it complaining about?

These programs sometimes incorrectly identify benign files or sites as threats, either through random chance (they check files based on some sort of hash, and it's mathematically impossible to avoid all false positives using hashes) or because they are just too picky about some things. I remember once seeing a big alert because some web site sent a corrupt picture file where the dimensions stored in the file did not match the the picture's actual dimensions. That wasn't an attempt to hack or crash my browser; it was just a bad picture that someone put online, presumably without realizing it, or one that had the file data corrupted somewhere along the way.

In case you're curious, a hash as used here is a sort of mathematically derived fingerprint or summary formed by combining down all the data in the file or whatever using some algorithm that produces a number in a fixed range. Typically the hash is a dozen or so bytes long, the exact length varying with the algorithm used. The algorithm is usually designed such that changing anything in the input will generally produce a different hash value (every part of the input contributes to it), and also such that it's very hard or impossible to go backwards and create an input that produces a specific hash value other than by enormous amounts of trial and error. Since the hash is smaller than the input, and so there are fewer possible hash values than inputs, it is a mathematical necessity that more than one input will have the same hash value. (This math principle is named the pigeonhole principle: if you have a greater number of pigeons than pigeonholes, then at least one pigeonhole will have more than one pigeon in it.)

jerseyjim wrote:
2nd time...when using rvparkreviews.com, clicking on a link to what might be an interesting campground....it turns out to be one of the SUN company locations...my NORTON gives me an alarm of a "web attack" "intrusion attempt"...both times coming from the SUN website. (NORTON says they took care of it, I have to do nothing)

After the first time, I contacted SUN and they said "it is not from us". So here we are again.

Anyone else having this?

You may have other issues. There may be addware/spyware on you machine that hijacks the URLs. Although you may see SUN company in the name, the real link may in fact be something else. Hover over the link with the mouse, or right mouse click on the link and inspect the URL. If the issues persist, try using a different browser. Sometimes, Microsoft malware removal tool helps, sometimes spybot search and destroy works when Norton does not pick it up. If your Norton subscription is near the end, you may wish to try Trend Micro. Don't care for McAfee much, it is a hog.

Most likely a false positive on Norton's part...

I don't use Morton or Macafee. Just went to a known Sun CG site, no issues.