Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zone Alarm


  • Please log in to reply
11 replies to this topic

#1 swas

swas

  • Members
  • 149 posts
  • OFFLINE
  •  
  • Local time:05:45 PM

Posted 27 April 2006 - 11:35 AM

Hi all, I've had zone alarm for about two weeks now It says it has blocked 1500 intursion attempts. I have traced a couple of the IP addresses to foreign countries. Is there anything about these things that should worry me?

thanks

swas
How beautiful it is to do nothing, and then rest afterward

BC AdBot (Login to Remove)

 


m

#2 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,568 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:05:45 PM

Posted 27 April 2006 - 11:53 AM

Imagine if ZA didn't block!
I think much of this sort of thing is just internet noise pinging you.
Best thing, in addition to ZA, is get a hardware router. Then ZA will not have to work so hard defending you (and writing a loooooooooooooooooong log to your drive), as the router will reject most of that trash. There are days when I watch the router with disbelief as China Telecom, and communication companies from every corner of the world are hitting the router. Yet only 2-3/day actually make it through for ZA to deal with. Of concern are things that are outgoing, and both ZA and the router will make you safer.
At least that's my understanding how it all works :thumbsup:

#3 swas

swas
  • Topic Starter

  • Members
  • 149 posts
  • OFFLINE
  •  
  • Local time:05:45 PM

Posted 27 April 2006 - 12:28 PM

Hi tos, Yeah i kinda FREAKED the first few days I had za and it was stopping all of these intrusions LOL.
I do have a couple more questions if you don't mind me picking your brain?

1.What you called noise, Why exactly would a communications company just randomly ping like that??

2.Is there any way to look at the za log???

thanks

swas
How beautiful it is to do nothing, and then rest afterward

#4 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,568 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:05:45 PM

Posted 27 April 2006 - 03:14 PM

Noise - a term I've seen used. I'm no expert on this. I think there are computers out there, bad or good, that are just scanning every possible IP address. Some might be legitimate, as when your ISP provider wants to know if you're alive, or when they want to deliver mail to Outlook and your Outlook isn't running at tthat time - well that'll be blocked since you didn't ask for it yet. My router changes my IP address every so often (a feature I set), my ISP provider also gives a IP address on lease. Well, if the last person was doing instant messaging and was communicating with half this world, and you get his IP address - guess what - all that trash heads your way. Till your IP address changes to some previously unused one. This is all I know. Or don't. I'm just watching and learning. Yes, I too freak out when suddenly I see the router log run like a zipper, but really nothing happens, just tells me there's lotsa traffic out there.

BTW, last time I totally cleared ZA logs (version upgrade) was mid-December. Since then ZA blocked 103 items. See the power of the hardware router?

I hope an EXPERT will provide a BETTER explanation of this. Mine is mostly anecdotal.

ZA logs are normally in ...\windows\Internet Logs. They're dated text files. With the exception of the file that is currently open, you can look at them. If you have Excel, it might be easier because these are comma separated values which look squeezed on the screen. The first item on the left tells you what the reason was, what was blocked, but I don't recall the exact values. What ZA do you use? Is there an Alerts and Logs tab? If so, the stuff is there more readable and includes explanations, TINY explanations.

Edited by tos226, 27 April 2006 - 03:20 PM.


#5 swas

swas
  • Topic Starter

  • Members
  • 149 posts
  • OFFLINE
  •  
  • Local time:05:45 PM

Posted 27 April 2006 - 11:39 PM

Hi tos, thanks for the insight. I'm going to look into a router(if they're not too pricey). I've only had za for a couple of weeks I think the version is 6 something, and your right the logs give a very very small description. How long have you used za?? I'm still in the trial version just wondering if you would recommend buying it???


swas
How beautiful it is to do nothing, and then rest afterward

#6 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,568 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:05:45 PM

Posted 28 April 2006 - 09:08 PM

4 port routers run about $50. Linksys and D-Link make good ones, and there are others. I believe they're all good. So long as it has a built in firewall, can translate network address, lets you use DHCP you're good to go. $50 is a lot of money. Is it worth it? I feel it's a no brainer. Many companies give routers to the employees for free just to make sure their data is safe. You don't go on the internet without a router. You don't go into a toxic environment without a mask. Period.
Enough preaching?

You can get just the ZA free firewall. A chap at the office has had it for 3 years or more, I've had mine for over 2 years. ZA firewall is a gold standard for firewalls. Just sits there and does the job after some initial training from you.

Now, having said that, I got their security suite for real money. It includes virus scan by Computer Associates and junk mail filter by Mailfronteer, and versions 6+ include spyware filter. Version 5.0.094 is/was very stable. The latest 6 is less so, according to some.

With perfect hindsight, what I would probably get if I were starting from scratch would be:
1. Zone Alarm Free firewall or a paid version (Pro I think) that includes Computer Associates virus scan, another superb product. I used a computer with ZA free on it for a bit, and it was doing the job it's supposed to do. You can't go wrong. IF you have any problems with v6+ (I doubt you will), just download their last v5.

2. If virus watch is not included, I'd get CA one or a free one recommended on this site to be resident plus another for on-demand scanning. I currently use a-square for on-demand virus scan.

3. For spyware there are several good products, I happen to have a old PestPatrol resident, and use Spybot S&D and Lavasoft Ad-Aware on demand.

4. For spam - I don't really know what I'd get now.

There are sticky posts about keeping your computer secure right above this section, for instance, Virus and Malware resources - they're worth reading and are written by real experts. Really, to quote expert jgweed:
"Whereof one cannot speak, thereof one should be silent." :thumbsup:

Edited by tos226, 28 April 2006 - 09:19 PM.


#7 swas

swas
  • Topic Starter

  • Members
  • 149 posts
  • OFFLINE
  •  
  • Local time:05:45 PM

Posted 29 April 2006 - 12:35 PM

Preach on brother tos LOL. Thanks for all the help I think i will purchase a router for sure. It sounds like a very good deal for 50bucks.

thanks again
swas
How beautiful it is to do nothing, and then rest afterward

#8 Merlin_22

Merlin_22

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Location:New Zealand
  • Local time:10:45 AM

Posted 14 May 2006 - 02:31 PM

Hi all, I've had zone alarm for about two weeks now It says it has blocked 1500 intursion attempts. I have traced a couple of the IP addresses to foreign countries. Is there anything about these things that should worry me?

thanks

swas



Hey Swas,

Short answer, you you shouldn't be freaked, as long as ZA is blocking them you are to sweet as.

TONY

Kids Safe Forum <--- Please read the site guidelines before registering. You don't have to be a parent nor have any information. You can register and ask things on the forum if you want.

Update: Kids Safe is bringing out K.S.A, for more information on what it is; click the link below:
http://kidssafe.co.nz/index.php?showtopic=504


#9 Elendil

Elendil

  • Members
  • 660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The US
  • Local time:06:45 PM

Posted 14 May 2006 - 04:07 PM

A few things:

1. 1500!?!?!?!?!?!?!? What are you some kind of celeb, CEO, or an extremely prominent figure? That's a gigantic amount. Maybe ZA is extremely powerful after all.
2. As for spam protection here's my opinion: BlueFrog AntiSpam (http://www.bluesecurity.com/) the website is undergoing maintenance so the download won't work at the moment or if you'd like to pay for anti-spam (or use a trial while you wait for BlueFrog to start working) http://www.spywareinfo.com/downloads.php?cat=spam#spam
Stanford '14
B.S. Candidate | Computer Science

#10 swas

swas
  • Topic Starter

  • Members
  • 149 posts
  • OFFLINE
  •  
  • Local time:05:45 PM

Posted 15 May 2006 - 03:59 PM

LOL, yeah I must be a celebrity and I didn't even know it :thumbsup:

thanks for the anti spam link

swas
How beautiful it is to do nothing, and then rest afterward

#11 rms4evr

rms4evr

  • Members
  • 812 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:East Coast
  • Local time:06:45 PM

Posted 15 May 2006 - 07:37 PM

1. 1500!?!?!?!?!?!?!? What are you some kind of celeb, CEO, or an extremely prominent figure? That's a gigantic amount. Maybe ZA is extremely powerful after all.

I've had 1500+ blocked intrusions with Zonealarm...but that was when I opened up my network router ports to allow bittorrent activity. After my bout with a virus that I inadvertently downloaded off of bittorrent (I had to use my restore disk, and I lost everything but what came with my compy :thumbsup: ), I sealed off the ports, and quit using bittorent. Suprise; the intrusions ground almost to a halt (now, maybe one or two a month).

Lesson - don't use P2P networks, continue using Zonealarm, and take tos226's advice: get a network router!!!

rms4evr

#12 Merlin_22

Merlin_22

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Location:New Zealand
  • Local time:10:45 AM

Posted 15 May 2006 - 11:31 PM

My Blocked Intrusions: 32780+
High rated: 3680+

TONY

Kids Safe Forum <--- Please read the site guidelines before registering. You don't have to be a parent nor have any information. You can register and ask things on the forum if you want.

Update: Kids Safe is bringing out K.S.A, for more information on what it is; click the link below:
http://kidssafe.co.nz/index.php?showtopic=504





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users