Zone Alarm question

Zone Alarm has blocked 5,000 intrusions since I turned on my computer a few
minutes ago. This seems an inordinate number of intrusions to me and I
wondered whether it is 'normal' activity. The intrusions seem to have
stopped now but something similar was hapening yesterday evening.

I run Windows XP Pro with AVG, AdAware, Spybot and Spyware Blaster. I
connect via NTL broadband through a simple router.

According to the alert log most of the intrusions are from 194.168.8.100
(DNS) but as a non-techie I do not know what this means.

Can I rest assured that this is part of normal PC life or should I worry
that my computer is being targeted?

R.

Re: Zone Alarm question

"Ragnar" wrote in message
news:g7Epi.1409$rr5.128@newsfe1-win.ntli.net...
> Zone Alarm has blocked 5,000 intrusions since I turned on my computer a
> few minutes ago. This seems an inordinate number of intrusions to me and I
> wondered whether it is 'normal' activity. The intrusions seem to have
> stopped now but something similar was hapening yesterday evening.
>
It's Phoney-Baloney ware; It gives you a false sense of security.
Go to:
http://www.microsoft.com/technet/technetmag/issues/2006/05/S ecurityMyths/default.aspx
and scroll down to:
Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.

Then read this:
("...the typical form of outbound protection in client firewalls is just
security theater.)
http://www.microsoft.com/technet/technetmag/issues/2007/06/V istaFirewall/default.aspx

And this:
http://www.samspade.org/d/firewalls.html

Then draw your own conclusions.
>
> I run Windows XP Pro with AVG, AdAware, Spybot and Spyware Blaster. I
> connect via NTL broadband through a simple router.
>
The Windows Firewall in XP SP 2 does a fantastic job at its core mission.
Enable Windows Firewall, review exceptions frequently. The less exceptions
the better!

Is the XP SP2 firewall getting a raw deal?
http://blogs.zdnet.com/Ou/?p=81

How to Configure Windows Firewall on a Single Computer
http://www.microsoft.com/technet/security/smallbusiness/prod tech/windowsxp/cfgfwall.mspx

BTW, built-in f/w is an integrated part of the OS; 3rd party PFW app. is
not.
>
> According to the alert log most of the intrusions are from 194.168.8.100
> (DNS) but as a non-techie I do not know what this means.
>
http://www.who.is/whois-ip/ip-address/194.168.8.100/

http://www.ripe.net/whois?form_type=simple&full_query_string =&searchtext=194.168.8.100&do_search=Search
>
> Can I rest assured that this is part of normal PC life or should I worry
> that my computer is being targeted?
>
Get Educated - To be blunt, all the protection in the world won't save you
from yourself. Don't open attachments that you aren't positive are ok. Don't
fall for phishing scams. Don't click on links in email that you aren't
positive are safe. Don't install "free" software without checking it out
first - many "free" packages are free because they come loaded with spyware,
adware and worse. When visiting a web site, did you get a pop-up asking if
it's ok to install some software you're not sure of because you've never
heard of it? Don't say "OK". Etc., Etc., Etc....

You may wish to try to aim for a more controlled/disciplined idea with
respect to internet security which includes among other things 'hardening'
of OS.

Good luck :)

Re: Zone Alarm question

>
> According to the alert log most of the intrusions are from 194.168.8.100
> (DNS) but as a non-techie I do not know what this means.

If it's showing TCP port 53, then it's your ISP's DSN server trying to talk
to the machine.

http://en.wikipedia.org/wiki/Domain_name_system

You should be seeing that same IP of 194.168.8.100 if you go to the route's
Admin page and go to the router's status page and see the IP(s) the router
has during the connection to the ISP.

Or you can go to the Command Prompt on the computer and enter IPconfig /all
and again see the ISP's DNS IP(s) the computer is using.

If you see that the same DNS IP is 194.168.8.100 then you'll know that
ISP's DNS server is trying to talk to the computer on TCP port 53.

Re: Zone Alarm question

Ragnar wrote:
> Zone Alarm has blocked 5,000 intrusions since I turned on my computer a few
> minutes ago.

You're fooled by senseless messages of your "Personal Firewall". This is
ridiculous.

> wondered whether it is 'normal' activity.

For such trash like ZoneAlarm: yes.

Yours,
VB.
--
> Ja, ZA hat bei mir in den letzten 5 Jahren (?), genauer: noch nie,
> Probleme bereitet.
Das Schälchen Weihwasser neben meinem Monitor auch nicht.
(Bjoern Schliessmann in d.c.s.f.)

Re: Zone Alarm question

In message
at 08:48:12 on Wed, 25 Jul 2007, Ragnar wrote
>Zone Alarm has blocked 5,000 intrusions since I turned on my computer a few
>minutes ago.
>
How do you connect to the internet. Dialup modem, USB ADSL device or a
router?
--
Mike News