Results 1 to 4 of 4

Thread: Blocked outgoing alert - 208.185.174.66

Hybrid View

  1. #1
    cnmckenney Guest

    Default Blocked outgoing alert - 208.185.174.66

    Got blocked outgoing msg alert. got following info on more info request. Is this a legit ZA message that should be allowed or a spoof?

    Thanks,
    Carlton


    SmartDefense Advisor Overview Technical Info Details Hacker ID



    Report Info Whois Detail Location Details

    Whois Report from ZoneAlarm



    Details about 208.185.174.66, the IP address of the computer that caused the alert you received from ZoneAlarm Security Suite, are provided in the Whois report below. The information in the Whois report comes from the Regional Internet Registry (RIR) for the region where 208.185.174.66 is located: ARIN, RIPE, LACNIC or APNIC. The name of the RIR appears in the Whois report.

    The Whois report includes the name, address and contact information for the Internet Service Provider (ISP) that administers the block of IP addresses that contains 208.185.174.66. The report probably does not list the administrator of the specific computer at IP address 208.185.174.66.

    You should not assume that individuals listed in this report are responsible for the alert you received on your computer.

    Top of page


    Map this IP address
    Top of page

    Whois Information



    Abovenet Communications, Inc ABOVENET-6 (NET-208-184-0-0-1)
    208.184.0.0 - 208.185.255.255
    Zone Labs, Inc. MFN-B709-208-185-174-0-24 (NET-208-185-174-0-1)
    208.185.174.0 - 208.185.174.255

    # ARIN WHOIS database, last updated 2006-06-06 19:10
    # Enter ? for additional hints on searching ARIN's WHOIS database.


    CustName: Zone Labs, Inc.
    Address: 1060 Howard Street
    City: San Francisco
    StateProv: CA
    PostalCode: 94103
    Country: US
    RegDate: 2003-01-16
    Updated: 2003-01-16

    NetRange: 208.185.174.0 - 208.185.174.255
    CIDR: 208.185.174.0/24
    NetName: MFN-B709-208-185-174-0-24
    NetHandle: NET-208-185-174-0-1
    Parent: NET-208-184-0-0-1
    NetType: Reassigned
    Comment: abuse@zonelabs.com
    RegDate: 2003-01-16
    Updated: 2003-01-16

    RTechHandle: NOC41-ORG-ARIN
    RTechName: AboveNet NOC
    RTechPhone: +1-877-479-7378
    RTechEmail: noc@above.net

    OrgAbuseHandle: ABOVE-ARIN
    OrgAbuseName: AboveNet Abuse
    OrgAbusePhone: +1-888-636-2778
    OrgAbuseEmail: abuse@above.net

    OrgNOCHandle: NOC41-ORG-ARIN
    OrgNOCName: AboveNet NOC
    OrgNOCPhone: +1-877-479-7378
    OrgNOCEmail: noc@above.net

    OrgTechHandle: ABOVE1-ARIN
    OrgTechName: AboveNet Engineering
    OrgTechPhone: +1-888-636-2778
    OrgTechEmail: arin@above.net

    # ARIN WHOIS database, last updated 2006-06-06 19:10
    # Enter ? for additional hints on searching ARIN's WHOIS database.

    Operating System:Windows 2000 Pro
    Software Version:7.0
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Blocked outgoing alert - 208.185.174.66

    Usage:
    nslookup [-opt ...] # interactive mode using default server
    nslookup [-opt ...] - server # interactive mode using 'server'
    nslookup [-opt ...] host # just look up 'host' using default server
    nslookup [-opt ...] host server # just look up 'host' using 'server'

    C:\Documents and Settings\SKYRIDER>nslookup 208.185.174.66
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Name: hs2.zonelabs.com
    Address: 208.185.174.66


    C:\Documents and Settings\SKYRIDER>

    Oldsod.
    Best regards.
    oldsod

  3. #3
    cnmckenney Guest

    Default Re: Blocked outgoing alert - 208.185.174.66

    That's true, but I knew all that already. What I don't know is: 1. Whether hs2.zonelabs.com is one of Zone Labs servers. 2. What the connection is intended for.
    <blockquote><hr>Oldsod wrote:
    Usage:
    nslookup [-opt ...] # interactive mode using default server
    nslookup [-opt ...] - server # interactive mode using 'server'
    nslookup [-opt ...] host # just look up 'host' using default server
    nslookup [-opt ...] host server # just look up 'host' using 'server'

    C:\Documents and Settings\SKYRIDER&gt;nslookup 208.185.174.66
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Name: hs2.zonelabs.com
    Address: 208.185.174.66


    C:\Documents and Settings\SKYRIDER&gt;

    Oldsod.
    <hr></blockquote>

  4. #4
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Blocked outgoing alert - 208.185.174.66

    See http://forum.zonelabs.org/zonelabs/b...ssage.id=17380

    Also check the logs carefully (logs in the Log Viewer of the Alerts and Log). Some additional details such as application involved and tcp flags should be listed among others.

    Oldsod.
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •