posted on March 20, 2001 07:39:33 AM
I use DSL and just got a new computer. I installed Zone Alarm and for the last two days, am getting warnings practially hourly, sometimes minutes apart from the same IP address.
I get the following messages:
Zone Alarm has blocked Access to your computer (NET BIOS) something or other and gives an IP address.
or
Zone Alarm has blocked Access to your computer (PING/ECHO REQUEST) something or other and gives an IP address.
I had Zone Alarm installed and running on my old computer and it was extremely rare to get a warning. (I haven't changed any settings in this installation. It's identical to the set up on the old system.)
The requests are coming from Canada, Seoul and California.
I went to samspade.org and did a whois on the IP addresses of those attemtping to access my computer. I don't understand the info I'm getting though. Samspade.org comes back with a blank Let's Go page on a whois trace, while Geektools provides a company name, address, phone number and contact.
Is that just the ISP of the person trying to access my computer or is that info the person directly?
Clicking on More Details on the Zone Alarm screen gives me a page with no info at all. Every box for info says Not Available.
I have no clue what benefit this information is to me. I'm thankful that ZoneAlarm is blocking access, but wonder what the heck is going on all of a sudden.
posted on March 20, 2001 07:58:50 AM
Interesting - BUT whether or not you have changed the settings, they may have changed on their own - recently my computer was going on line, off an on all day, even when I wasn't at my desk. We finally checked and the mail setting had all of the sudden started picking up mail every 30 minutes. I don't recall making a setting change, but there it was! We have had such weird occurrences off an on through out our 20 years on computers - sometimes the system poltergeist just seem to slip in and change things.
I can't speak regarding AlarmZone, since I've never used such a product, but it is an interesting mystery - but certainly would advise you to recheck your settings.
posted on March 20, 2001 08:47:33 AM
When I switched to DSL from my modem I had to get rid of Zone Alarm--it kept giving me all kinds of problems. Friends have told me they've had the same experience. I think there is something about DSL that isn't totally compatible with ZA.
posted on March 20, 2001 08:54:37 AM
I was getting about a dozen alerts daily with ZA- I started investigating them, and complaining to ISP's- but I eventually just reset the ZA config to log the alerts to file, without alerting me. Too much trouble.
Go to Alert, and unclick the "show in window" box. Check the "log to file" box, and forget it. You can go back and check the log periodically to see what activity you've had, if you want.
Some of these "attempts" are fairly benign, from what I understand-- advertising companies and such. As long as you've got your ZA set to stealth, you're in pretty good shape.
posted on March 20, 2001 12:01:26 PM
Samspade is sensitive to any leading or trailing spaces on the IP address ... it will return nothing. GeekTools is able to handle the spaces OK. \
the reported IP addrdess is traceable to the ISP of the person trying to access your computer.
Some of these are innocent ... for example, if a router or web server does some load balancing it sends out a flury of signals trying to find out who is still on it. Others may be typos.
Others may be automated scans from spammers looking for open mail servers, waReZ kiddies looking for an untended FTP area to stash their pirated copies, etc.
posted on March 20, 2001 04:58:46 PM
I had so many problems with zonealarm lately that I finally just had to remove it. My computer was going nuts, I kept getting messages of abnormal program, etc. I don't know much about computers so I have no idea why this occured.
I've always been crazy, but it's kept me from going insane!
