JamesHutto
join:2004-05-09
Olar, SC
| Zone Alarm Pro notifying me...
I installed zone alarm and I am currently using the 15day trial period of the pro version. It is telling me that over 590 intrusions have been blocked and 34 of those were rated high risk. This is within a 12 hour period. I think all of the "intrusions" have been something called NetBios, and on port 139. Can someone tell me what all this means ? I am using dialup through Bellsouth, and have the Windows FW enabled. I run Ad-Aware Pro SE, and AVG Pro.
Am I being paranoid, because Windows firewall just doesnt tell me about it ? Or does it just not care lol. |
|
atangel
Now What??
Premium
join:2002-02-18
Bronx, NY
| You shouldn't be running two firewall at the same time, so make sure that the Windows firewall is turned off. System weirdness usually follows as they compete with each other (and in this case, competition is a bad thing)
Most likely Internet "Static" other infected machines scanning for vulnerable systems, sys admins and script kiddies and members of the security forum playing with scanning tools...
ZA stopped them, so that's the good news!
Read this, it will help explain what is going on. And check out the Security FAQ at the top of the forum. Lots of good info there to answer lots of questions.
»Security »Why am I being pinged, probed or attacked on this port?
»Security »Why is my ISP's nameserver scanning/attacking me?
--
The reason you think I'm way on the left is cause you're so far to the right
Sygate Firewall
Why I mistrust Zone Labs
Use BBR Search |
|
JamesHutto
join:2004-05-09
Olar, SC
| Thanks for the information. I am reading this stuff as soon as I am finished with this post. Once this software trial expires, will the basic free version, i.e. just the firewall be enough to protect me ? Also, does the windows firewall work well ? |
|
atangel
Now What??
Premium
join:2002-02-18
Bronx, NY
| ZAF is still a firewall, you just lose access to a lot of the "extras."
Windows Firewall is better than no firewall, but the controls are a lot less refined and there is 0 outgoing/application control the way you have with most commercial firewalls (e.g., IE announces itself every time it wants to connect to the Internet).
btw, keep in mind that if you give something allow permission it is always allowed. If you give IE permission to connect out always and a nasty takes advantage of it (or some leak tests), it may connect out and isn't entirely the fire wall's fault. My browsers are set to always ask. It isn't as much grief as it sounds.
--
The reason you think I'm way on the left is cause you're so far to the right
Sygate Firewall
Why I mistrust Zone Labs
Use BBR Search |
|
Owlbet
Ignite the Ice
Premium,MVM
join:2002-09-24
Palmer, AK
clubs:
 ·MTA Online
| reply to JamesHutto
If you are trialing Zone Alarm Pro, then no worries, the Windows Firewall is disabled by default. I'd provide a screenshot, but I'm three minutes away from driving to work. It's one of several things I do like about Zone Alarm Pro: If I clean uninstall Zone Alarm to upgrade to a newer version, then the Windows Firewall is turned back on.
--
Rocky is, was, and always will be Dawg E. Dawg. |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL
1 edit | reply to JamesHutto
I'll save myself the hassle of repeating myself.:D If your in the mood for reading and seeing different opinions on the subject. »iggy.gnomeblog.com/blog?cmd=sear···firewall The windows firewall only offers inbound protection. It doesn't process or protect you from what is leaving your machine. Some people don't feel that outbound protection is worthwhile. Others like myself feel it is a key part of protecting yourself online. If you choose not to purchase the software your trialing. You could go with the free version of ZoneAlarm. It's a good solution. But in my opinion lacks some elements that help keep you more secure. For a basic firewall with outbound and inbound protection. It does this job well. If memory serves me correctly. Didn't trial versions used to default to a free version if you didn't purchase them in the past? Or am I mistaken on this?
--
Test Your Security
Cable Diagnostics
Iggyz Blog ZoneAlarm Help |
|
JamesHutto
join:2004-05-09
Olar, SC
| reply to Owlbet
Here are the results after I unloaded ZAP, and turned WFW back on.
Your Results for this scan
Conclusion: Healthy Setup! We could detect no interesting responses from any of the commonly probed TCP and UDP ports. It would be difficult for an attacker to know where to start without further information.
TCP ALL : FILTERED No response packet was received.
UDP ALL : FILTERED No response packet was received.
This are the same results I received from having ZAP on high settings. |
|
jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
Scottsdale, AZ
·Speakeasy
| I've been using ZAP or some version of Zone Alarm since it was about v 1.1, so obviously, I like it. On the other hand, there are a lot of questions that come with the use of firewalls, so I will give you another look at a site with lots of general info. Do as you wish with it, of course.
»www.interhack.net/pubs/fwfaq/ |
|
IGGY
No Guru Just Here To Help
Premium,MVM
join:2001-03-30
Chatham, IL | Well I think that one is a new one on me. It just got added to the already long list. The past few weeks I've tried to spread out the boookmarks to multiple pages. The pages are starting to get to long. |
|
boblandy
Premium
join:2002-05-06
| reply to atangel
said by atangel  :My browsers are set to always ask. It isn't as much grief as it sounds. my everything is set to always ask and it isn't as much grief as it sounds
--
look out kid they keep it all hid |
|
mythology
join:2002-10-16
Seneca, SC | reply to JamesHutto
Are you connected to a lan that needs file sharing and netbios? Disable the "server" service if you dont use it. It is a security risk. I disable it with no problems at all. |
|
