| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 26832 | 2002-11-06 07:13:00 | zone alarm | ssssss (2100) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 96496 | 2002-11-06 07:13:00 | My zone alarm had 49 alerts after a couple of hours internet session the other day. Can anyone tell me why there were so many, and what sort of attack on my computer they would likely be? | ssssss (2100) | ||
| 96497 | 2002-11-06 07:36:00 | Hi, most (if not all) alerts are false alerts from normal internet interactions. You can check ZA logs for more details which should tell you what ports were scanned and an IP address. When I had ZA I was receiving 100+ alerts per hour over a one week period once - drove me nuts. I personally think ZA is too sensitive and generates a lot of false alerts. Why don't you post a cut & paste a segment of your log here if you would like further clarification. Jen |
Jen C (20) | ||
| 96498 | 2002-11-06 07:46:00 | Thanks Jen for your response. Here is one report:- Your computer is trying to contact IP address 207.114.130.8 ZoneAlarm stopped Internet traffic from leaving your computer. No breach in your security has occurred. Your computer is safe. What happened? The ZoneAlarm firewall blocked an outgoing communication from your computer to port 0 on a remote computer whose IP address is 207.114.130.8. This might have occurred because a program on your computer tried connect to the Internet before ZoneAlarm was fully started. Should I be concerned? No. ZoneAlarm blocked the connection attempt, so no harm can come to your computer from it. |
ssssss (2100) | ||
| 96499 | 2002-11-06 08:05:00 | I used SamSpade.org to get more information on 207.114.130.8 and found this IP address is associated with "Time Warner Telecom Internet" and "Whole Earth Networks", both ISP's I think. The fact this is an outgoing internet traffic suggests something on your PC is trying to contact to the internet. This could be anything from spyware to legit programs. Do you have the anti-spyware program called Ad-aware? Give it a run if you do, or download it from here (http://www.lavasoftusa.com/). There are other people much better than me for deciphering traces on IP's so they may be able to dig out further information. Cheers Jen |
Jen C (20) | ||
| 96500 | 2002-11-06 08:49:00 | Tried to dig out some more clearer information on what firewall alerts generally mean to the average user and found these: Xtra - Personal Firewalls (xtra.co.nz) information SamSpade - Personal Firewalls (www.samspade.org). This person has a rather strong opinion on ZA Firewalls in general! Hope this helps. Jen PS*There is an option in ZA to turn off the pop-up alert notifications if they keep bugging you. |
Jen C (20) | ||
| 96501 | 2002-11-06 10:49:00 | I can't remember when ZA last complained at me... but it always does for a reason, and it's up to you to work out if what concerns ZA should be exceptible or not. It should learn to except everything you do over time, perhaps the fact that i am connected 24/7 is why mine has truly shut up, although i think it is more that i have Sam the Linux box between me and the net... Sam deals with all the noize and ignores it, but in your case ZA lets you know about it instead. As it is blocking it, i would shut the notifications off |
Clueless (181) | ||
| 1 | |||||