Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Quick ? On Internet Packets

  • Please log in to reply
3 replies to this topic

#1 rtspeer


  • Members
  • 5 posts
  • Local time:05:15 AM

Posted 25 February 2006 - 03:52 AM

After finally getting rid of a host of trojans and malware I think I am clean. Panda, bit-defender, spybot, ad-aware, ewido, Norton 2006 all say I am clean. I downloaded ZA and did system restore and reboot and ran scans again, clean. I noticed on ZA that I have a constant outbound flow and checked the packets. I am sending about 2 times as many packets out as in. Is this normal pinging ratio of ip address or is something leaking? I have ZA configued to only a few programs so I am not sure. I also have heard about ZA sending info to other servers. Should I consider outpost or Sygate?

Any advice would be greatly appreciated!



Edited by rtspeer, 25 February 2006 - 04:01 AM.

BC AdBot (Login to Remove)


#2 acklan


    Bleepin' cat's meow

  • Members
  • 8,529 posts
  • Gender:Not Telling
  • Location:Baton Rouge, La.
  • Local time:02:45 AM

Posted 25 February 2006 - 08:07 AM

Personally I find SyGate Presonal Firewall 5.6 far lighter on resources. That is my option, althought I find ZA an excellent product.
I see you are using Norton and Bit-Defender. Are you having any software issues? It is not good to have to antivirus running at the same time.
"2007 & 2008 Windows Shell/User Award"

#3 jgweed


  • Members
  • 28,473 posts
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:03:45 AM

Posted 25 February 2006 - 10:41 AM

A packet is a packet for 'a that and a' that. A different firewall, assuming it is functioning properly, will show the same number. I don't use Z/A, but did you check whatever logs it might have to determine which program or application is sending out packets, etc. Does this happen only while, say, surfing the Internet?
The amount of traffic is not as important as the kind (for example, the source) of traffic; this applies to both incoming and outgoing packets.
Whereof one cannot speak, thereof one should be silent.

#4 usasma


    Still visually handicapped (avatar is memory developed by my Dad

  • BSOD Kernel Dump Expert
  • 25,091 posts
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:04:45 AM

Posted 25 February 2006 - 07:39 PM

I also prefer the Sygate firewall.

But, your firewall should have a log file - go into it and check where the outgoing packets are going. Then use a reverse DNS lookup (search Google for "reverse DNS" (without the quotes) to see who owns it.

FWIW - you can also do this with incoming log files.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users