Hello, good morning.
I have a problem with certain ports, specifically port 1434, but also many others as well.
The problem is, that since I started using ZoneAlarm Pro about 4 years ago, I have been monitoring my ports to see what is being fired at them/me/my PC etc, and have been merrily submitting away, for most of the last 3 years, after I realised that I was being hammered on basically all my ports, and more specifically the port 1434, and had not thought it necessary for me to do anything, as I assumed that ZoneAlarm took care of all that for me, but obviously not, so I started to submit each and every high scoring hit on some ports, and in particular 1434, which I observed from then until now today, with 24 hour persistence, has been mercilessly hammered by (a) chinanet.cn.net (b) cnc.noc.net (c) chinamobile and basically anything & everything coming out of China, and Asia in general, but the worst offender of them all is Chinanet, as they have been banging my port 1434 daily with Incident scores of way up in the stratosphere, for example between 500.000 and 800.000+.
What I would like to know is this, If I have now submitted a 100.000 times (to wherever it goes) all these super high Incident scores, for analysis and escalation to the parties in question, then why in gods holy name are my ports still being hammered day & night, mercilessly by Chinanet, especially on 1434?
What has been the point of me sitting here, for hours, clicking like buggery, on all the various links, to find out whois, and where are, then submitting it all and providing feedback, if nothing whatsoever has changed??
What's more to the point, is how are Chinanet and the other Asian ISP's still capable of hitting my PC ports, even after this PC has been scrubbed in every imaginable way, scanned almost into another dimension by so many different spyware progs, rootkit revealers, DCOM bobulated, and god knows how many other things have been done to make this pc squeaky clean, and more like fort Knox than fort Knox. (????????????)
I know, it's questions, questions, questions, questions, and I need answers, I MUST know how Chinanet are continuing to attack my port 1434 with such outrageous high Incident scores, and yet to go unchallenged for so long, (to my knowledge) nothing has been done about them, and I am not very happy about it, or with ZoneAlarms facility for reporting these Incidents, because it seems to me that it's just a blatant "gimmick" to make us feel that we are doing something to help protect ourselves, (and to help YOU at Zone Labs to protect US, your customers) which doesn't really seem to be happening in this case.
Don't get me wrong here, I LOVE my ZoneAlarm Pro product, True vector engine 6.1.737.000 with Anti Spyware engine 184.108.40.206, DAT file version 01.200512.197, and would not be able to cope without it's unique level of protection, it's a fabulous piece of software, but that still does not explain why Chinanet are still pounding my port 1434 day & night.
Can you please find out & tell me how that is possible? and what can 'WE' do to stop 'THEM' from doing this, not just to me, but to the millions of people that they must surely be doing this to!!
As I said earlier, I have been watching them doing this for most of the last 4 years with ZoneAlarm, and I do realise that I am fully protected by ZoneAlarms True Vector engine, and am fully stealthed, (I'm invisible to the www) and all those port scans are (supposedly) blocked, but I have had more than several incidents of firewall crash, when the True vector service was knocked out, and also both my browsers have crashed a few times, (I have been using Firefox to 99%) for the last year or more, I don't like IE6 very much, it's too slow, and not as secure, and Firefox goes like artificial lightening (especially with the new tweak) but now I'm beginning to wonder if I am really 100% secure when using the Internet, even with ZoneAlarm Pro with web filtering and Anti Spyware etc!!
By the way, I use AVG 7.0 Pro Anti Virus, which does the business, without problems.
To tell you the truth, I have become totally fed-up with having to keep going in there and clicking & clicking & clicking & clicking, and submitting Incidents to no avail, but at the same time I don't want to let these Idiots continue to get away with what I am certain they are doing, which is looking for unprotected ports on pc's all over the world, and getting away with it, but I just cannot keep clicking on them everytime I come on here, finding yet dozens more of their hits on 1434, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1032, 1033......etcetera and so on, even if they are being blocked by my firewall, it doesn't matter, it is something that should not be happening. Am I right?
If you think I am, and can & would like to help me to put a stop to their Illegal activity, please let me know, and I will send you daily screen shots of their hits, and the Map location of where they are in China (if necessary).
Many thanks in advance for any attention that you can give to this issue.
Wanadoo.co.uk is my ISP, and I am in London U.K.
Operating System:Windows XP Home Edition
Product Name:ZoneAlarm with Web Filtering