Like a complete ***** I switched off (completely disabled) ZoneAlarm for 3 minutes max to determine if a program worked without it.
After switching back on, I checked in my Alerts and Logs section. There are about a dozen 'medium' alert logs within the last 3 weeks, but the one of real concern is at the top, is described as 'High Risk', and occured within seconds of restarting the Firewall. While it was blocked because the Firewall was back up, it obviously leaves me wondering what was going on in the minutes / seconds before when the Firewall was down.
Source IP: 220.127.116.11:1064
Destination IP: 192.168.1.33.137
The source seems to be somewhere in Brazil, but presumedly this could be spoofed / routed from elsewhere?
I feel incredibly stupid for turning my Firewall off. I use a lot of encrypted routing through Tor and other programs etc, so guess I was asking for trouble?
How much damage can be done in 3 minutes? 'Give me the plain truth doctor!'
This incident should be considered serious shouldn't it?
To confirm, I switched my Firewall off for 3 minutes for testing purposes, but within seconds of restarting, I had a high level alert, the first alert in days and the first high level alert in weeks / months.
Windows XP Home Edition
Message Edited by GabrielKnight on 03-31-200608:21 AM