Results 1 to 3 of 3

Thread: Persistent Medium & High alerts

  1. #1
    neko333 Guest

    Default Persistent Medium & High alerts

    Hello,

    Running Windows XP SP3 and ZoneAlarm Extreme Security. Getting a lot of Firewall alerts most of them Medium and a few High. Sometimes the source DNS is a strange address. Some of the medium rated ones seem redundant and probably related to the cable modem I guess. Here is a screenshot of the alerts. Thanks for any help.


  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Persistent Medium & High alerts

    By looking briefly at the start of the blocked IPs, there the indication these are mostly asian pacific (possible chinese) and one from latin america.

    See http://www.iana.org/assignments/ipv4...ress-space.xml for a quick breakdown of the ip address. Actual checking such as a nslookup would be more exact as to the correct providers, servers, hosts, etc.

    The TCP flags appear to be "S', which in ZA-speak indicates "SYN", which is an initial connection attempt performed by a computer or server.
    See http://www.pccitizen.com/threewayhandshake.htm


    Generally speaking, some chinese servers and providers are frequently checking IP and ports globally over the internet (for their own interests).
    In addition there is the usual internet background "noise" such as attempted VPN attempts, server connection attempts, pings,etc.
    These are blocked by routers and hardware firewalls, hence these blocked incoming do not usually appear in the home or small office's software firewall logs. However, your IP indicates the ZA is the sole firewall, and in your case it would be normal to see these unwanted connection attempts.

    In addition, if you have recently received a newer internet IP from your provider, you may be actually seeing traffic attempts from the previous owner of your new IP.
    Best regards.
    oldsod

  3. #3
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Persistent Medium & High alerts

    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. high alerts
    By cymro in forum Windows and ZoneAlarm Messages and Alerts
    Replies: 0
    Last Post: October 29th, 2007, 11:45 AM
  2. Persistent multiple alerts re zlclient and mantispam
    By noend in forum Windows and ZoneAlarm Messages and Alerts
    Replies: 5
    Last Post: June 21st, 2007, 12:40 AM
  3. Not getting any 'High" alerts??
    By 2harts4ever in forum General - Questions that don't fit any other category
    Replies: 3
    Last Post: August 20th, 2006, 01:53 PM
  4. Medium or High internet setting?
    By laer in forum Access Issues
    Replies: 2
    Last Post: February 8th, 2006, 10:58 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •