My Firewall logs vs. the top 10
Results 1 to 5 of 5

Thread: My Firewall logs vs. the top 10

  1. #1
    Junior Member
    Join Date
    Feb 2004
    Posts
    6

    Question My Firewall logs vs. the top 10

    Ok, why is it that my logs are not even remotely close to the Top Ten Trends @
    the internet storm center? I understand that different regions will have varying
    probes, and certain ISP's may or may not be blocking certain ports.But why do I
    see all these assorted attacks in the Top Ten, but my logs look the same month
    after month.

    [gloworange]90% - Ports - 1026,1027,1028[/gloworange]

    [glowpurple]5% - Ports - 17300, 27374 [Kuang2, Sub][/glowpurple]

    5% - ICMP - 8/0

    Why can't I be attacked like normal kids?

  2. #2
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    perhaps they are being blocked elsewhere, or perhaps the firewall you are using is not set to log ( or block ) everything.

    You said in another post you are behind a SOHO firewall, and use Zone Alarm. Which is this list from ? And are these incoming or outgoing blocks ?

    ( Im guessing, but you use ICQ ? )
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

  3. #3
    Junior Member
    Join Date
    Feb 2004
    Posts
    6

    Firewall logs

    Didn't mean to mislead anyone but as far as the internet side I am on AOL [yeah, I know, I know, AOL creates negative air pressure , when I get back to working I'll be back on cable]

    Anyway to answer your question, here is my situation - Aol dialup, these are Visual Zone logs from behind ZoleAlarm , firewall set to High, program logging set on high, event logging on ,
    event logs = show all alerts. VisualZone is set to include non-attacks, I'm pretty sure I'm in full geek mode as far as the logs. These are incoming blocks and I have never used ICQ.

    Thanks.

  4. #4
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    You are a totally unloved person?...............you are not worth "pinging"

    Only joking! as you rightly observe, there are regional variations, variations with the ISP/subnet you are on, and so forth.

    I think another aspect is that these statistics are not "means" or averages. Where, +9 and -9 give a mean value of zero. You just might not be in the area where these values were generated.? Peaks get to the top of the poll?

    Also, I have never reported my stats to the Storm Center?..............bit like an opinion poll held on the highstreet at 3am ?...............only the guys with votes get to make the ratings?

    Just a few thoughts?

    Cheers

  5. #5
    Junior Member
    Join Date
    Feb 2004
    Posts
    6
    Thanks you two.... all is well then. And nihil, I just called my mother, she wants YOUR IP!
    j/k
    Maybe somebody with some clout around here can start a poll in order to see what AO members are being hit with at home. nihil?
    _____________________________________________

    The magnitude of a threat is inversely proportional to its frequency. - Courtney

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •