I am running ZoneAlarm Security Suite version:7.0.362.000, just installed, recently ran 7.0.337 for a while.In the firewall logs I keep getting entries saying a UDP packet from port 53 on one of my ISP's DNS serverswas sent to a port 1XXX on my computer and blocked by ZA.
Yet I notice nothing going wrong, in termsof programs failing.
This while I surf the web, use Eudora, etc.
How can this be?
Here are the "technical details" of an example (with my local IP Xed out, and formatting destroyed because ZA and this forum do not play nice together):
Inside the firewall alert Alert property Alert property value Technical explanationSource IP Address 220.127.116.11 The IP address of the computer that sent the packet which caused the alert.Source Port 53 The port used by the source computer when sending the packet.Destination IP X.X.X.X The IP address of the computer to which the packet was sent.Destination Port 1324 The port on the destination computer used to receive the packet.Transport Layer Protocol UDP The protocol that allows data to be transported between software programs on different computers.Network Layer Protocol IP The protocol that allows two networked computers to locate each other on a network.Link Layer Protocol Ethernet The protocol that allows two directly linked computers to share a network cable.Alert Date Sep-02-2007 06:28:06 PM PDT The time when ZoneAlarm Security Suite detected the alert on your computer.Alert Count 1 Number of times this connection attempt repeated its attempt on your machine after the original alert. ZoneAlarm Security Suite shields your machine from repeated displays of an identical alert. ZoneAlarm Security Suite security enforcement at time of alert Alert property Alert property value Technical explanationLock Level Lock Not Engaged Internet and network connections permitted by your ZoneAlarm Security Suite settings are not blocked by a lock setting.Trusted Zone Security Level Medium This ZoneAlarm Security Suite setting enforces application privileges and Internet Lock settings, leaving your computer visible to other computers in the Trusted Zone. It does not block file or printer shares (NetBIOS) or operating system traffic to and from the Trusted Zone.Trusted Zone Servers Servers Allowed Computers in your ZoneAlarm Security Suite Trusted Zone are not prevented from connecting to server programs running on your computer.Internet Zone Security Level High This ZoneAlarm Security Suite setting blocks access from the Internet Zone to file and printer shares (NetBIOS) and other operating system services. Ports not currently in use by a program are blocked and are not visible to the Internet Zone. This Security Level also enforces application privileges and Internet Lock settings.Internet Zone Servers Servers Allowed Computers in your ZoneAlarm Security Suite Internet Zone are not prevented from connecting to server programs running on your computer.Packet Direction Incoming The packet that caused the alert was sent from a computer located somewhere on the Internet or on your network. It was being sent to your computer.Zone Internet Zone This ZoneAlarm Security Suite zone contains all the computers and networks in the world that are connected to the Internet, until you explicitly define them as members of another zone.Operating system Windows XP-5.1.2600-Service Pack 2-SP Version of operating system running on your computer.
Operating System:Windows XP Pro
Product Name:ZoneAlarm Internet Security Suite