Page 1 of 2 12 LastLast
Results 1 to 10 of 17

Thread: Zonealarm!

  1. #1
    I am a cracker
    Guest

    Question Zonealarm!

    When I get on the internet from my mom's house she has (AOL) and Zonealarm (version 2.6) for a firewall, now recently every time she sign's on the internet as soon as it's connected this is what it say's

    (not just this number but other one's as well)

    The firewall has blocked routed traffic from 209.244.0.3 (DNS) to 63.215.221.200 (UDP Port 1722).

    (for as long as she's on the net the firewall will keep reporting it popping up)

    Time: 2/22/02 6:57:16 PM Now I know how to read all this and I understand it The firewall has blocked routed traffic from 63.215.221.200 (TCP Port 1671) to 64.136.16.72 (TCP Port 8505) [TCP Flags: S].

    Occurred: 4 times between 2/22/02 6:53:18 PM and 2/22/02 6:53:38 PM

    sometimes it says Occurred : 80 times within a matter of minutes I


    I looked and did the dos thing nbtstat netstat etc...REgedit stuff msconfig thinggy control+alt+delete thing to she has anti-virus software.

    The firewall has blocked routed traffic from 63.208.30.230 (TCP Port 1770) to 64.136.16.72 (TCP Port 8505) [TCP Flags: S].

    Occurred: 3 times between 2/22/02 8:00:00 PM and 2/22/02 8:00:08 PM

    I think it's my ISP or something messing around thats why I don't want to scan port's and do other stuff because if I do I am gonna wanna shut it down.. tired of it!

    The firewall has blocked routed traffic from 172.154.112.81 (TCP Port 1151) to 205.188.50.141 (AOL) [TCP Flags: S].

    Occurred: 58 times between 2/22/02 8:21:48 PM and 2/22/02 8:22:10 PM
    Like right now AS I am writing this
    help?

  2. #2
    Senior Member
    Join Date
    Oct 2001
    Posts
    872
    Wern't you just the "ZoneAlarm-Hacker-Expert" just the other week mate?


    Surely with your extensive knowledge on firewalls, you should know not to advise your own mother to use one that does no good, a resource hog you might say.

    [P.S - Check under "Programs" and scroll down until you see your [mom's] ISP...then click on it to set ZoneAlarm to allow it access to the internet. Crazy eh? ...I dunno..ZA can be such a pain at times]
    ...This Space For Rent.

    -[WebCarnage]

  3. #3
    IT Specialist Ghost_25inf's Avatar
    Join Date
    Sep 2001
    Location
    Michigan
    Posts
    648
    not to worry as long as its being blocked.
    S25vd2xlZGdlIGlzIHBvd2VyIQ

  4. #4
    Junior Member
    Join Date
    Dec 2001
    Posts
    10
    I did a trace on that IP ZoneAlarm is reporting to you and it came up as an ISP. Some ISP's do portscans on your computer every now and then (dunno why). ZoneAlarm is the crappest firewall in my opinion as it bogs down everything and does nothing. I use Norton Firewall 2002 Corporate Edition.

  5. #5
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    Some ISP's do portscans on your computer every now and then (dunno why).
    I'd say to make sure that their clients aren't running server-side programs like webservers, ftp servers, etc without paying for it.
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  6. #6
    Senior Member
    Join Date
    Feb 2002
    Posts
    120
    Just as webcarnage said, I thought you were the ""expert"" on the poor security of zone alarm. Weren't you?
    \"To follow the path:
    look to the master,
    follow the master,
    walk with the master,
    see through the master,
    become the master.\"
    -Unknown

  7. #7
    I am a cracker
    Guest
    Wern't you just the "ZoneAlarm-Hacker-Expert" just the other week mate?Surely with your extensive knowledge on firewalls, you should know not to advise your own mother to use one that does no good, a resource hog you might say. Just as webcarnage said, I thought you were the ""expert"" on the poor security of zone alarm. Weren't you.

    I am not the "Zonealarm-Hacker-Expert", I never said I was and never claimed to be neither, I advised my mother to use Zonealarm a while-ago because she is not to good with computers and that anyone can operate zonealarm (and configure) I know it has "spy-ware" inserted in it.She does nothing wrong so she ain't worried about it. I just came down to her house for this weekend and since I'm here I'll fix it for here. Mostly other firewalls are harder to operate!

  8. #8
    Senior Member
    Join Date
    Aug 2001
    Posts
    485
    Originally posted here by I am a cracker



    I am not the "Zonealarm-Hacker-Expert", I never said I was and never claimed to be neither, I advised my mother to use Zonealarm a while-ago because she is not to good with computers and that anyone can operate zonealarm (and configure) I know it has "spy-ware" inserted in it.She does nothing wrong so she ain't worried about it. I just came down to her house for this weekend and since I'm here I'll fix it for here. Mostly other firewalls are harder to operate!
    Looking at your original description, this does seem a little odd, but I've never used AOL (and don't ever intend to), so I suppose they could be doing something strange.
    What are you doing when this happens?
    Does everything work, or do some types of requests fail?
    What software configuration are you running?
    In reply to echelon3/WebCarnage, I would have thought this showed that ZA is working as it is blocking suspect traffic. If you don't want to see the pop ups, you can disable them (you can always look at the log afterwards).
    Curious about your comment about 'spy-ware' - perhaps you'd like to expand on this?
    I've recommended ZA to friends in the UK who are not very computer literate on the grounds that some protection is better than nothing, and I've never seen anything like this.

  9. #9
    I am a cracker
    Guest
    Looking at your original description, this does seem a little odd, but I've never used AOL (and don't ever intend to), so I suppose they could be doing something strange. What are you doing when this happens?
    Does everything work, or do some types of requests fail?
    What software configuration are you running?
    In reply to echelon3/WebCarnage, I would have thought this showed that ZA is working as it is blocking suspect traffic. If you don't want to see tCurious about your comment about 'spy-ware' - perhaps you'd like to expand on this?
    I've recommended ZA to friends in the UK who are not very computer literate on the grounds that some protection is better than nothing, and I've never seen anything like this.he pop ups, you can disable them (you can always look at the log afterwards).

    As a member of AOL I say never get this ISP it's sorry the techincal help you are better to figure it out yourself. "All I am doing is surfing the web" not hacking cracking nothing illegal like that. The only thing that don't work is my mom's browser the (aol) browser.. Zonealarm, has spy-ware inserted in it It seems that ZA comes with two spy dlls that according to the their manufacturer. I found these two: C:WINDOWSSYSTEMVSMONAPI.DLL C:WINDOWSSYSTEMVSUTIL.DLL Had been left on my system . It seems that my system configuration and maybe the activity is logged to the file Iamdb.rbd, then transmitted. (not 100% sure though)

    They are watching us!
    reply

  10. #10
    Senior Member
    Join Date
    Aug 2001
    Posts
    485
    Originally posted here by I am a cracker



    As a member of AOL I say never get this ISP it's sorry the techincal help you are better to figure it out yourself. "All I am doing is surfing the web" not hacking cracking nothing illegal like that. The only thing that don't work is my mom's browser the (aol) browser.. Zonealarm, has spy-ware inserted in it It seems that ZA comes with two spy dlls that according to the their manufacturer. I found these two: C:WINDOWSSYSTEMVSMONAPI.DLL C:WINDOWSSYSTEMVSUTIL.DLL Had been left on my system . It seems that my system configuration and maybe the activity is logged to the file Iamdb.rbd, then transmitted. (not 100% sure though)

    reply
    Ah ha, so you are complaining about what is left behind when you uninstall ZA. You are correct that this does not uninstall cleanly, but I'm not convinced there is any sinister intent here. I could be wrong here, but I don't think that any information about your system is sent elsewhere - anyone else care to comment?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •