Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What does it all mean?


  • Please log in to reply
2 replies to this topic

#1 idjutt

idjutt

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:12:37 AM

Posted 25 September 2004 - 02:26 PM

:thumbsup:

ZoneAlarm keeps popping stuff up at me like this:


"The firewall has blocked Internet access to your computer (TCP Port 445) from 65.176.64.41 (TCP Port 2529)[TCP Flags: S]

Really. What does it 'mean' and how do I find out just WHO might be trying to get to my 'puter and why?

Thanks

BC AdBot (Login to Remove)

 


m

#2 phawgg

phawgg

    Learning Daily


  • Members
  • 4,543 posts
  • OFFLINE
  •  
  • Location:Washington State, USA
  • Local time:09:37 PM

Posted 25 September 2004 - 09:59 PM

Good questions, idjutt, I had the same ones when I had ZA installed.

A lot of them are simply your ISP "pinging" your computer to verify that the connection exists. Seems extraneous, since in my case, the connection does not end when those "probes" fail to get past the firewall. So, the first thing it means is that the firewall is working. (thats good)

ZA instruction manual, I recall is over a hundred pages. Settings can be modified to allow ISP "requests" for verification. I never bothered, although I was close to modifying several of them based on the reading. I experienced some problems with ZA that don't neccessarily discount it. Might have been that version update or some other things. Having read the darn manual I kept it functioning longer than perhaps I might have. IMO. I tried Sygate and started from scratch.

How Stuff Works:Firewalls
Tutorial here at BC

To find out the answer to whois

65.176.64.41

or any address involved, you can google or go here ARIN
or here RIPE or even here
APNIC
copy/paste to the search field.

(TCP Port 445)(TCP Port 2529) These refer to either ports on your computer or ports on computers at the other end of the connection (simply put, though you'll find it might be a little more complex than that) A good site to get information and test your "port vulnerability" is here: Gibson Research-Shield's Up Just click on "shield's up" and proceed. Other scans exist online, but this one goes into definitions of the ones that have been attractive to abuse. Keep in mind, your computer has 65,000 of them called TCP, and another 65,000 called UDP

wikipedia computer dictionary This link is to the page defining those terms. Put anything else you need a definition of in the search field off to the left.

No easy answer, I'm afraid... from me. I hope this gets you further, though. :thumbsup:
patiently patrolling, plenty of persisant pests n' problems ...

#3 idjutt

idjutt
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:12:37 AM

Posted 26 September 2004 - 11:19 AM

:thumbsup: Thank you. I've used Sam Spade to look at the IPs but it really doesn't tell ME anything. Sometimes it's not just 'pinging' and I get the 'red alert' from IPs other than my IP provider.

Thanks




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users