| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 26653 | 2002-11-01 21:25:00 | FIREWALLS: | Baldy (26) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 95263 | 2002-11-01 21:25:00 | I have a question regarding Firewalls........ I want to install a Firewall, but am unsure of how to tell what/who is trying to gain "access" to the computer, when the icon flashes in the task bar (I think the computer I saw it working on had ZA) Is there a really easy way to tell? BALDY:-) |
Baldy (26) | ||
| 95264 | 2002-11-01 21:59:00 | Hi Baldy With firewalls you can check the logs to see what ports have been scanned and what IP address it came from. You can then use SamSpade IP tracing to get more information. Most the "warnings" will be just normal routine behind the scenes stuff. It is best to turn off the pop-up alert warnings or it will drive you nuts and make you paranoid. Just check the logs manually if you are curious. With Outpost, you can configure the settings only to alert you if a multiple port scan occurs from the same IP (I think) which is more likely to be a true attack. HTH Jen |
Jen C (20) | ||
| 95265 | 2002-11-01 22:00:00 | The firewalls I have tried have a log file that can be used to record "activity". If you are going to use ZoneAlarm there is also a good add-on called VisualZone Report Utility, that gives lots of info about intrusion attempts. www.visualizesoftware.com |
Terry Porritt (14) | ||
| 95266 | 2002-11-01 22:56:00 | I use ZA free and when I first installed I was paranoid as hell because of all the hits I was getting . I would search them out using the programmes mentioned above to find out where they were from . I realised that I spent over 50% of my time worrying who was trying to get in, and most of them were just IP scans . Even if I did find them what was I going to do anyway? Hack them back, nah . . . . I don't know how . I am just pleased to know that they didn't get in . I still have ZA free but realised that my time on the computer should be for my enjoyment, not to worry about someone getting in . I have the alerts turned off, but periodically check ZA log just out of curiosity . One thing that I do find interesting is the amount of programmes that are installed on my computer that want to access the internet . I find it more useful to know what traffic is wanting to go out as that is more specific to your computer than an IP scan from the outside scanning a range of IP addresses . I'm on XP pro, Jetstream Starter and use Xtra . sam m |
sam m (517) | ||
| 95267 | 2002-11-02 01:43:00 | Hi Baldy, I use Outpost and it doesn't annoy me with all that flashing going on to let you know someone's "trying to get in" but every now and then, when my modem lights start going crazy and I know I haven't done anything, I'll just have a quick look in Outpost to see why . Sometimes it's really interesting . For example a couple of days ago I saw Verisign and Paypal being very busy connecting with my machine . It scared the hell out of me to start with until I found it was because of a page that I had opened . I still don't know what it was doing but it was probably checking certificates/cookies or something - but don't ask me why because it wasn't an online store or anything . I cut it off quick smart . ;-) Other times I see strange things going on that I promptly stomp on if I can't figure out what they are, and Outpost is a boon for blocking apps' access to the web when I haven't given them permission to do so . I read somewhere that most of the "alerts" are just from pages you have open "checking to see if you are still there" and aren't trying to hack into your PC at all . That's why it's a good idea to turn off those alerts or they'll drive you nuts . I know a few people here think you don't need a firewall for dial-up but I like to know what's going on, if nothing else . :-) |
Susan B (19) | ||
| 1 | |||||