Results 1 to 10 of 10

Thread: Blocked Intrusions?

  1. #1
    lanchi Guest

    Default Blocked Intrusions?

    Hi
    I was just wondering is it normal to have 85 082 blocked intrusions since install ?Out of these 3 851 are high-rated.I don
    t remember when i last re-installed but how long time do you normaly need to get so many intrusions?


  2. #2
    Join Date
    Dec 2002
    Location
    Mikado Michigan
    Posts
    2,596

    Default Re: Blocked Intrusions?

    Once I had 75,000 in less than 24 hrs. Are there anything common about the intrusions? Same group of IP address's? Ports? Can you make a guess as to how long its been since you did a clean install?
    My homes are SpywareHammer.com and DonHoover.net and BleepingComputer.com


    Consumer Security - 2011 & 2012

    Tilting at windmills hurts you more than the windmills.
    -From the Notebooks of Lazarus Long
    Senior of the Howard Families

  3. #3
    lanchi Guest

    Default Re: Blocked Intrusions?

    The majority is comming from the same IP. I think I reinstalled ZA a couple of months ago so maybe it
    s not so strange. At least not comparing to your 75 000 on one day.

  4. #4
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Blocked Intrusions?

    What is the IP of the intrusions? This can help us to possibily remedy this.

    Oldsod
    Best regards.
    oldsod

  5. #5
    lanchi Guest

    Default Re: Blocked Intrusions?

    I was wrong. I was looking at destination IP instead of source, they
    re all different.

  6. #6
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Blocked Intrusions?

    OKAY

    Use these to find out some info about these sources:

    http://ws.arin.net/whois

    http://www.dnsstuff.com/

    and in the Tools section of

    http://www.fixedorbit.com/

    Oldsod
    Best regards.
    oldsod

  7. #7
    lanchi Guest

    Default Re: Blocked Intrusions?

    Wow, that
    s cool. Thank you. These are some companies like RIPE Network Coordination Centre and Asia Pacific Network Information Centre.

  8. #8
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Blocked Intrusions?


    <blockquote><hr>Lanchi wrote:
    Wow, that
    s cool. Thank you. These are some companies like RIPE Network Coordination Centre and Asia Pacific Network Information Centre.
    <hr></blockquote>


    Hi these iwo seem innocent enough. Any others that could point to some malicious activity?

    Oldsod
    Best regards.
    oldsod

  9. #9
    lanchi Guest

    Default Re: Blocked Intrusions?

    Hi
    I did a random search among the last 100 intrusions and they all seem to be some companies like:
    Comcast Cable Communications Holdings, Inc RW2-NORTHEAST-6Internet Assigned Numbers AuthoritySavvis
    ..plus those i mentioned earlier.

  10. #10
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Blocked Intrusions?

    Hi

    IANA and the networks are nothing uncommon. That is normal. What are the exact names of the IP, not the general DNS addresses? Or to be exact for example instead of Pacific Bell it could freezer.com or movies.com that uses the Pacific Bell range of IP's.

    This is why I did ask for the IP's to help verify if a hacker is involved or if it is just normal traffic or if the Zone Alarm itself is improperly set up.

    Oldsod
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •