Good questions, idjutt
, I had the same ones when I had ZA installed.
A lot of them are simply your ISP "pinging" your computer to verify that the connection exists. Seems extraneous, since in my case, the connection does not end when those "probes" fail to get past the firewall. So, the first thing it means is that the firewall is working. (thats good)
ZA instruction manual, I recall is over a hundred pages. Settings can be modified to allow ISP "requests" for verification. I never bothered, although I was close to modifying several of them based on the reading. I experienced some problems with ZA that don't neccessarily discount it. Might have been that version update or some other things. Having read the darn manual I kept it functioning longer than perhaps I might have. IMO. I tried Sygate and started from scratch.How Stuff Works:FirewallsTutorial here at BC
To find out the answer to whois
or any address involved, you can google or go here ARIN
or here RIPE
or even here APNIC
copy/paste to the search field.
(TCP Port 445)(TCP Port 2529) These refer to either ports on your computer or ports on computers at the other end of the connection (simply put, though you'll find it might be a little more complex than that) A good site to get information and test your "port vulnerability" is here: Gibson Research-Shield's Up
Just click on "shield's up" and proceed. Other scans exist online, but this one goes into definitions of the ones that have been attractive to abuse. Keep in mind, your computer has 65,000 of them called TCP, and another 65,000 called UDPwikipedia computer dictionary
This link is to the page defining those terms. Put anything else you need a definition of in the search field off to the left.
No easy answer, I'm afraid... from me. I hope this gets you further, though.