Results 1 to 10 of 18

Thread: Getting tired of port 0 showing up in your logs?

Hybrid View

  1. #1
    Join Date
    Dec 2002
    Location
    Mikado Michigan
    Posts
    2,596

    Default Getting tired of port 0 showing up in your logs?

    what you do is to create a Zone expert rule (not a program) and give it a name and select block, and under the logging options select none, then go to the protocol and add one , Select ICMP for theprotocol and then select ICMP ECHO and make sure it says port 0. Now all this will do is keep the pings from being logged, it will not stop them.

    Message Edited by Hoov on 08-27-2003 09:59 PM
    My homes are SpywareHammer.com and DonHoover.net and BleepingComputer.com


    Consumer Security - 2011 & 2012

    Tilting at windmills hurts you more than the windmills.
    -From the Notebooks of Lazarus Long
    Senior of the Howard Families

  2. #2
    marc99 Guest

    Default Re: Getting tired of port 0 showing up in your logs?



    I set up a rule as described and made it rule #1, but I'm still getting log entries for ICMP (type:8/subtype:0) - lots of them!

    Marc

  3. #3
    Join Date
    Dec 2002
    Location
    Mikado Michigan
    Posts
    2,596

    Default Re: Getting tired of port 0 showing up in your logs?

    Did you make it a firewall expert rule (not a program rule)? Also did you select block? And when you added the protocol did you select ICMP from the drop down protocol l list?
    My homes are SpywareHammer.com and DonHoover.net and BleepingComputer.com


    Consumer Security - 2011 & 2012

    Tilting at windmills hurts you more than the windmills.
    -From the Notebooks of Lazarus Long
    Senior of the Howard Families

  4. #4
    marc99 Guest

    Default Re: Getting tired of port 0 showing up in your logs?



    Yep, did all those things, but the log entries keep on coming...


    Marc

  5. #5
    Join Date
    Dec 2002
    Location
    Mikado Michigan
    Posts
    2,596

    Default Re: Getting tired of port 0 showing up in your logs?

    This will sound stupid, but did you click apply? If you did try rebooting your machine. The rule does work, the only port 0 logs I am getting are when I disable that rule.
    My homes are SpywareHammer.com and DonHoover.net and BleepingComputer.com


    Consumer Security - 2011 & 2012

    Tilting at windmills hurts you more than the windmills.
    -From the Notebooks of Lazarus Long
    Senior of the Howard Families

  6. #6
    marc99 Guest

    Default Re: Getting tired of port 0 showing up in your logs?



    As far as I can tell the rule is set up correctly and 'applied'. It is also in the #1 position. I set up the rule yesterday and have just booted up today - new alerts are still being recorded in my log.

    I don't recall seeing blocked ping echos being logged before, or if they were being logged there weren't very many. However your note prompted me tocheck the log and there were lots, indeed a lot of the log content is now blocked ping echos.

    It would be nice if theZA logging function had some user selected filter options rather than just High, Medium, Off. That way, at least if I can't stop the blocked ping echos from being logged, I wouldn't have to look at them

    Marc

  7. #7
    joelocke Guest

    Default Re: Getting tired of port 0 showing up in your logs?



    Hoov, you mentioned in another reply that repeated port 0 ICMP was caused by a virus...

    I am getting SEVERAL from IP addresses that are from my own provider. 68.8.x.x, 68.10.x.x and 68.11.x.x

    Now, is this because of a virus on MY computer or their's?! I have sent an abuse message to my provider and heard nothing back.

  8. #8
    Join Date
    Dec 2002
    Location
    Mikado Michigan
    Posts
    2,596

    Default Re: Getting tired of port 0 showing up in your logs?

    Its a virus on thier computer (but scan yous to make sure you don't have it too). Also your ISP probably won't do anything, but you can go to www.mynetwatchman.com and sign up for his service and use it, it may help.
    My homes are SpywareHammer.com and DonHoover.net and BleepingComputer.com


    Consumer Security - 2011 & 2012

    Tilting at windmills hurts you more than the windmills.
    -From the Notebooks of Lazarus Long
    Senior of the Howard Families

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •