Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firewall Log Question


  • Please log in to reply
4 replies to this topic

#1 BlueGrass

BlueGrass

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:07:05 AM

Posted 23 November 2005 - 11:13 PM

I'm a new member and security dummy with a question.

I'm running WinXP(Home) with Windows firewall, EZTrust antivirus, and eTrust Pest Patrol both by Computer Associates. I connect to the net with cable, through an SMC D-Link router with firewall. When I have Sygate Tech scan my computer, the results show all ports stealthed except I respond to Ping. My firewall log file is set to display only dropped attempts to access my computer, and the log file is loaded with them. It seems to me that unauthorized attempts to access would not pass the hardware firewall, and consequently not reach the Windows firewall where they get dropped, or am I missing something here?

.

BC AdBot (Login to Remove)

 


m

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:05 AM

Posted 24 November 2005 - 12:19 AM

Hello and welcome to Bleeping Computor

You should only use one fire wall
See the tutorial written by the Expert staff

http://www.bleepingcomputer.com/tutorials/understanding-and-using-firewalls/


Happy Thanksgiving
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:07:05 AM

Posted 24 November 2005 - 10:31 AM

Hi BlueGrass. Thanks for joining.

Are you sure you are looking at the XP firewall log and not the D-Link one?

Some ports are open through the router by default for normal computer operation such as port 80 for HTTP and 135 for Email. These attempts may be directed at these open ports and thus get through. Despite what boopme (sorry) says you can run a hardware and software firewall in unison and it is in fact a good idea. But the XP firewall only blocks incoming attempts. A software firewall like ZoneAlarm or Sygate will block outgoing traffic also and is useful in the event of a malware infection that attempts to "phone home" or a trojan that would connect to an IRC channel or website to download more malware.

Does your EZTrust antivirus include a firewall? Some versions do.

Edited by Leurgy, 24 November 2005 - 10:33 AM.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,146 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:05 AM

Posted 24 November 2005 - 01:54 PM

Thanks Leurgy and sorry Bluegrass, I was always under the impression to use only one. Live and learn at BC :thumbsup:

Edited by boopme, 24 November 2005 - 01:55 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 BlueGrass

BlueGrass
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:07:05 AM

Posted 24 November 2005 - 02:29 PM

Leurgy,

I was looking at the Windows firewall log - pfirewall.log

Do not have the Etrust firewall.

I do have Zone Labs firewall on another computer, and I like that it monitors outgoing traffic. So, a little while ago, I uninstalled the Etrust anti-virus and anti spyware plus turned off the Windows firewall, and downloaded the trial version of Zone Labs Security Suite which includes firewall, anti-virus, and anti spyware. Just trying to get the hang of it now, but I'll most likely buy it before the 15 day trial is over.

I guess the question is moot now that the Windows firewall is off. Thanks for coming in.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users