Tracking down access attempts.
As a new user I was amazed to see the shear number of inbound attempts that are being blocked.I looked up some of the IP addresses on Whois and I find most of them come from foreign Internet registration organizations
such as RIPE or Asia - Pacific.
That's all the info I can get and it doesn't tell me anything.
I'm making an assumption that it is members of these groups that are actually doing the query but I have no way of knowing who they are or whether they are benign or malicious.
I'm going on the malicious assumption.
I'm going to turn off the notification popup so I'd like to know if I am right in assuming that if ZoneAlarms blocks inbound attempts they really do need to be blocked.
Is there any way of telling where or who these attempts are actually coming from?
Operating System:Windows XP Home Edition
Product Name:ZoneAlarm (Free)
Re: Tracking down access attempts.
The "inbound attempts" you refer to are mainly what is known as Internet Background Noise. There is lot of background traffic that keeps the internet going that you don't see and much of this traffic is sent by ISP's and service providers to ensure connections between computers is open, and that the data quality is suitable. It might also include acknowledgments that data packets have been received correctly, or maybe requests to resend packets which have been corrupted. Yes there are malicious attempts to break in to your computer but without inside help, a hacker cannot get in.
See my post at http://forum.zonelabs.org/zonelabs/b...&message.id=78 for more information.
Your best defence against a hacker is to get behind a NAT enabled router which will block unrequested data packets. Programs like Zone Alarm will provide you with some protection against outgoing data should a malicious program get installed. However, it can only ever be as secure as the OS on which it runs and we all know how vulnerable Windows is - even Vista has been exploited already!