Results 1 to 4 of 4

Thread: Blocked incomming TELNET connections

  1. #1
    lozzz Guest

    Default Blocked incomming TELNET connections

    Hi, I have a question regarding ZA Firewall alerts. In the last two days I seem to be having many attempted connections form various IP addresses. They are mainly labelled as (TELNET) but some are also (TCP port 445) and most are designated high risk. All are being blocked by the ZA firewall. In some instances I am getting one a minute.
    Is this a hacking attack or just random attempts to find a vulnerable computer? I have not noticed this behaviour before to this degree. Below I have copied in an example from the log.

    I dont know if it is related but this seems to have happened since the latest ZA program update. I have done a scan with 3 different Virus/malware scanners and they show a clean system.


    FWIN,2010/07/28,23:29:24 +8:00 GMT,61.64.225.231:14324,123.3.69.92:445,TCP (flags:S)
    FWIN,2010/07/28,23:29:36 +8:00 GMT,217.19.123.89:3054,123.3.69.92:445,TCP (flags:S)
    FWIN,2010/07/28,23:29:48 +8:00 GMT,85.62.229.21:5060,123.3.69.92:5060,UDP
    FWIN,2010/07/28,23:32:46 +8:00 GMT,96.55.112.194:4065,123.3.69.92:445,TCP (flags:S)
    FWIN,2010/07/28,23:39:10 +8:00 GMT,151.61.158.50:2155,123.3.69.92:445,TCP (flags:S)

    Any advice would be appreciated.

    Regards, laurie


    WIN 7 Home premium
    ZA Antivirus Ver 9.3.014.000
    AV engine ver 8.0.2.48 1023244288
    ZA Browser Sec 1.5.152.10

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: Blocked incomming TELNET connections

    They can be related to compromised systems or simply internet noise.

    Your ZA is doing its job and deflecting all of these unsolicited calls, you are perfectly safe. For more information on port 445 TCP see here.

    Signs of malware infections may be exposed by unusual outbound connections (your PC --> the internet) rather then the contrary.

    Avoid installing other AVs on your system, you will increase the possibility for conflicts and you may reduce the ability of ZA to effectively contrast an infection (detection and cleaning).

    If you feel unsafe with your current ZA you may want to think about upgrading to more complete solutions like ZA Extreme.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    lozzz Guest

    Default Re: Blocked incomming TELNET connections

    Hi Fax, thanks for Your quick reply. I may have a look at the Extreme package. There are no odd outgoing connections that I can see. But then would they appear in the Firewall log anyway? The other Scanners I use are on demand only and not resident background scanners.

    Thanks again.
    Laurie

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,291

    Default Re: Blocked incomming TELNET connections

    Quote Originally Posted by lozzz View Post
    But then would they appear in the Firewall log anyway? Laurie
    Hi again,
    yes, they do. See here below for the coding in logs.
    http://zonealarm.donhoover.net/main8.html

    It may be easier to use the Alert& Log Section of ZA:
    http://zonealarm.donhoover.net/alertlogs.html

    Quote Originally Posted by lozzz View Post
    The other Scanners I use are on demand only and not resident background scanners.
    Unfortunately most modern scanners load system files and dll at boot even if they are disabled. So potentially, they are still able to create problems to ZA and the system. If you have a good knownledge of them and how they work then please ignore this.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 3
    Last Post: April 21st, 2008, 05:17 PM
  2. Thousands of connections in one hour blocked???
    By klikerko in forum Security Issues
    Replies: 7
    Last Post: February 21st, 2008, 04:32 PM
  3. Replies: 5
    Last Post: December 31st, 2007, 11:24 AM
  4. Replies: 0
    Last Post: October 23rd, 2007, 12:23 PM
  5. Outgoing connections from Windows Explorer (ZA) blocked
    By johnnnn in forum Windows and ZoneAlarm Messages and Alerts
    Replies: 2
    Last Post: August 9th, 2007, 04:32 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •