Over the past week or so I was encountering problems regarding my ZA Free Firewall. The problems consisted of the logs sometimes refusing to clear. Although I have yet to find a permanent solution to this that's not why I'm making this thread.
In the past & recently too I've gotten dozens of blocked attempts involving a particular port & IP shown here: http://fwalerts.zonealarm.com/fwanal...3&tab=overview
Now based off my research I've found out that a denial of service tool called "trinoo" exploits port 27655. A more detailed description of this that I still cannot fully understand is here: http://www.cert.org/incident_notes/IN-99-07.html
With all that in mind is why I've always kept my ZA settings maxed out. True this could be the cause of my logs not clearing although my security is more important then the logs being stubborn. I am starting to wonder about some questions though.
1: What is an internal IP?
2: How can it be infected? I've run scans with MSE, Microsoft Safety Scanner, Malwarebytes & even the offline Windows Defender scan run via a bootable flashdrive. All of which always claim I'm clean. Even the GRC Shields Up test says that all my ports are secure. However, if that test is based off my router & not firewall, then why is my firewall logging the dangerous blocked event?