Appreciate all replies for this problem.....
I have ZA AntiSpyware/Firewall Version 7.0.483.00
Windows Xp-Home - Service pack 2 and all current updates (have not installed sp3 yet)
I have the ZA settings applied to display the Alert messages for port scan attempts, etc. The ZA works great for all types of attempted intrusions. I work on my PC at least 8 to 10 hours per day. Constantly (average of 10 times throughout the day) I receive the ZA Security Alert - ZA Firewall has blocked access to your PC - for an attempted Port Scan. The problem is that of the 10 to 12 messages I receive, they are from the same origin. Someone in China attempting the port scans. I am concerned that the attempts come from the same location (name and IP address). I reply to the ZA messages to inform ZA of the helpful information.
This is one of the many links to the alerts I receive several times each day.
Is it possible that my PC has been targeted or just coincidence that these are generic scans whenever I (or any internet connection is found) access the internet?
Appreciate your reply and advice.
Thank You, Larry
ps -as I am writing this message post, yes - another Firewall block message for the same Port Scan attempt from the same origin !!!!!!!
Info from Alerts:
Details about 184.108.40.206, the IP address of the computer that caused the alert you received from ZoneAlarm Anti-Spyware, are provided in the Whois report below. The information in the Whois report comes from the Regional Internet Registry (RIR) for the region where 220.127.116.11 is located: ARIN, RIPE, LACNIC or APNIC. The name of the RIR appears in the Whois report.
The Whois report includes the name, address and contact information for the Internet Service Provider (ISP) that administers the block of IP addresses that contains 18.104.22.168. The report probably does not list the administrator of the specific computer at IP address 22.214.171.124.
You should not assume that individuals listed in this report are responsible for the alert you received on your computer.
% [whois.apnic.net node-1]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 126.96.36.199 - 188.8.131.52
descr: CHINANET Chongqing province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
changed: email@example.com 20040203
remarks: This object can only be changed by APNIC Hostmaster
status: ALLOCATED PORTABLE
role: CHINANET CQ
address: The mainstreet 3 daping ,chongqing data communication bureau
trouble: send spam reports to firstname.lastname@example.org
trouble: and abuse reports to email@example.com
changed: firstname.lastname@example.org 20030917
person: Chinanet Hostmaster
address: No.31 ,jingrong street,beijing
changed: email@example.com 20070416
Operating System:Windows XP Home Edition
Product Name:ZoneAlarm Anti-Spyware