| Author |
Message |
Aldo Larrabiata
Guest
|
 Posted:
Fri Jan 14, 2005 11:02 pm Post subject:
ZA activité & log |
|
|
ZA ver 3.5.169 & Win98 SE. ADSL 1024 bps.
After massive attempts to enter in my computer (600 within 5 minutes), for
instance on ports 4662 TCP mode, flag S or 4762 UDP mode (emule ?), I use to
hang up in order to get a new IP address. Then the computer keeps trying to
access the port 137 UDP mode. This usually continues 10 min at least.
I'm not really concerned but this drives me nervous because of the waste of
bandwith slowing down the connection.
Any explanation of these responses and a possibility to abort them as I did
with the outbonding connection attempts ?
TIA |
|
| Back to top |
|
 |
Jason Edwards
Guest
|
| Posted:
Sat Jan 15, 2005 12:58 am Post subject:
Re: ZA activité & log |
|
|
"Aldo Larrabiata" <duschmoll@racer.com> wrote in message
news:41e808eb$0$19430$8fcfb975@news.wanadoo.fr...
| Quote: | ZA ver 3.5.169 & Win98 SE. ADSL 1024 bps.
After massive attempts to enter in my computer (600 within 5 minutes), for
instance on ports 4662 TCP mode, flag S or 4762 UDP mode (emule ?), I use
to
hang up in order to get a new IP address. Then the computer keeps trying
to
access the port 137 UDP mode. This usually continues 10 min at least.
I'm not really concerned but this drives me nervous because of the waste
of
bandwith slowing down the connection.
Any explanation of these responses and a possibility to abort them as I
did
with the outbonding connection attempts ?
|
In your position I would do the following.
1. Put an external firewall/router between your ADSL modem and your
computer.
http://www.google.com/search?&q=nat+router+firewall
2. Run some of these to see how you look to the rest of the world.
http://www.google.co.uk/search?&q=%22security+scan%22
3. Learn to use this
http://www.safer-networking.org/en/download/index.html
in advanced mode.
Lean to use the tools it provides so that you can recognize when changes
have been made to your computer. Another tool which is useful for spotting
unwanted changes is
http://www.spychecker.com/program/hijackthis.html
4. Install this
http://www.javacoolsoftware.com/downloads.html
and make sure it is happy with your Internet Explorer security settings.
Consider using an alternative web browser such as
http://www.mozilla.org/products/firefox/
5. Make sure that a self updating anti-virus solution is in use.
One particular example is
http://free.grisoft.com/freeweb.php/doc/2/
6. Make sure you have all critical or high priority updates from
http://windowsupdate.microsoft.com
7. Uninstall and forget about ZA. You can now enjoy your computing
experience instead of worrying about ZA alerts.
Jason
|
|
| Back to top |
|
|
Aldo Larrabiata
Guest
|
| Posted:
Sun Jan 16, 2005 2:02 am Post subject:
Re: ZA activité & log |
|
|
Thanks for the answer however, I didn't ask for a different protection
configuration. I've almost everything AND ZoneAlarm.
I just asked the reason why the computer tried to answer to the massive
attempts, after the IP address was changed.
In fact, was a process started before I changed the IP address, what could
it be ?
The objective is to understand the mechanism in order to kill it.
Bye
"Jason Edwards" <none@invalid.invalid> a écrit dans le message news:
34qmidF4gasa2U1@individual.net...
| Quote: | "Aldo Larrabiata" <duschmoll@racer.com> wrote in message
news:41e808eb$0$19430$8fcfb975@news.wanadoo.fr...
ZA ver 3.5.169 & Win98 SE. ADSL 1024 bps.
After massive attempts to enter in my computer (600 within 5 minutes),
for
instance on ports 4662 TCP mode, flag S or 4762 UDP mode (emule ?), I
use
to
hang up in order to get a new IP address. Then the computer keeps trying
to
access the port 137 UDP mode. This usually continues 10 min at least.
I'm not really concerned but this drives me nervous because of the waste
of
bandwith slowing down the connection.
Any explanation of these responses and a possibility to abort them as I
did
with the outbonding connection attempts ?
In your position I would do the following.
1. Put an external firewall/router between your ADSL modem and your
computer.
http://www.google.com/search?&q=nat+router+firewall
2. Run some of these to see how you look to the rest of the world.
http://www.google.co.uk/search?&q=%22security+scan%22
3. Learn to use this
http://www.safer-networking.org/en/download/index.html
in advanced mode.
Lean to use the tools it provides so that you can recognize when changes
have been made to your computer. Another tool which is useful for spotting
unwanted changes is
http://www.spychecker.com/program/hijackthis.html
4. Install this
http://www.javacoolsoftware.com/downloads.html
and make sure it is happy with your Internet Explorer security settings.
Consider using an alternative web browser such as
http://www.mozilla.org/products/firefox/
5. Make sure that a self updating anti-virus solution is in use.
One particular example is
http://free.grisoft.com/freeweb.php/doc/2/
6. Make sure you have all critical or high priority updates from
http://windowsupdate.microsoft.com
7. Uninstall and forget about ZA. You can now enjoy your computing
experience instead of worrying about ZA alerts.
Jason
TIA
|
|
|
| Back to top |
|
|
Jason Edwards
Guest
|
| Posted:
Sun Jan 16, 2005 6:42 pm Post subject:
Re: ZA activité & log |
|
|
"Aldo Larrabiata" <duschmoll@racer.com> wrote in message
news:41e9a2dc$0$8025$8fcfb975@news.wanadoo.fr...
| Quote: | Thanks for the answer however, I didn't ask for a different protection
configuration. I've almost everything AND ZoneAlarm.
|
Yes I didn't think you'd remove it.
What did you mean by "almost" everything? What was missing?
| Quote: | I just asked the reason why the computer tried to answer to the massive
attempts, after the IP address was changed.
|
Massive attempts to do what?
These incoming connection requests are for an application running on another
computer. They are NOT attempts to "enter" your computer. They are for the
computer which had your present IP address before you did. They will be
ignored by your computer even if you don't have a software firewall such as
ZA. About all the software firewall is useful for in this case is
frightening you into thinking it's useful.
| Quote: | In fact, was a process started before I changed the IP address
|
How can anyone but yourself tell you this?
You are the only person with any chance of seeing exactly what is running in
your computer.
| Quote: | , what could
it be ?
|
It could be a lot of things, including incorrectly configured ZA, but
anything anyone tells you is likely to be a wild stab in the dark unless
they are sitting at your computer.
| Quote: |
The objective is to understand the mechanism in order to kill it.
|
Why do you want to kill it if you don't understand it?
My best guess is that ZA wants to give you some useless information about
the IP addresses which are attempting to connect to a non-existent
application in your computer. ZA therefore does a reverse DNS lookup on each
IP address. In many cases this will fail, so your PC then tries a netbios
name request directly to the remote computer. If this succeeds then ZA can
tell you the machine name, but why would you want to know?
These connection attempts will be ignored even if you don't have ZA.
You said that you had "almost everything".
What other "protection" applications do you have on your computer?
Bye
Jason
|
|
| Back to top |
|
|
Aldo Larrabiata
Guest
|
| Posted:
Mon Jan 17, 2005 2:53 am Post subject:
Re: ZA activité & log |
|
|
Thanks this is what I was expecting
"Jason Edwards" <none@invalid.invalid> a écrit dans le message news:
34v9a5F4eh702U1@individual.net...
| Quote: | "Aldo Larrabiata" <duschmoll@racer.com> wrote in message
news:41e9a2dc$0$8025$8fcfb975@news.wanadoo.fr...
|
[...]
| Quote: | My best guess is that ZA wants to give you some useless information about
the IP addresses which are attempting to connect to a non-existent
application in your computer. ZA therefore does a reverse DNS lookup on
each
IP address. In many cases this will fail, so your PC then tries a netbios
name request directly to the remote computer. If this succeeds then ZA can
tell you the machine name, but why would you want to know?
These connection attempts will be ignored even if you don't have ZA.
|
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in