PDA

View Full Version : firewall alerts



21-11-2001, 07:18 PM
Our firewall(zonealarm) has been blocking access(as it should).
However we have had a few where the firewall has blocked access going out.
Would this be from someone hitching a ride on our ip address ??
If so is there a way to find the address of who is doing it as the firewall only shows who it was going to ????
Any help would be appreciated.

21-11-2001, 07:32 PM
Hi,

Paste the appropriate piece of your ZA log file C:\WINDOWS\Internet Logs\ZALog.txt and I'll see what I can do. If you need instructions on how to do this, simply reply, and I'll guide you through it.

G P

21-11-2001, 11:55 PM
here are the logs for outgoing alerts:FWOUT,2001/11/17,14:04:52 +13:00 GMT,203.167.176.159:0,203.79.82.45:0,ICMP (type:3/subtype:2)
FWOUT,2001/11/17,15:04:53 +13:00 GMT,203.167.176.159:0,203.79.82.45:0,ICMP (type:3/subtype:2)
FWOUT,2001/11/19,21:26:58 +13:00 GMT,203.167.176.243:0,203.79.71.31:0,ICMP (type:3/subtype:2)
FWOUT,2001/11/19,22:26:59 +13:00 GMT,203.167.176.243:0,203.79.71.31:0,ICMP (type:3/subtype:2)
FWIN,2001/11/21,23:03:20 +13:00 GMT,203.93.217.5:1135,203.167.176.122:80,TCP (flags:S)

your help is appreciated

21-11-2001, 11:56 PM
here are the logs for outgoing alerts:
FWOUT,2001/11/17,14:04:52 +13:00 GMT,203.167.176.159:0,203.79.82.45:0,ICMP (type:3/subtype:2)
FWOUT,2001/11/17,15:04:53 +13:00 GMT,203.167.176.159:0,203.79.82.45:0,ICMP (type:3/subtype:2)
FWOUT,2001/11/19,21:26:58 +13:00 GMT,203.167.176.243:0,203.79.71.31:0,ICMP (type:3/subtype:2)
FWOUT,2001/11/19,22:26:59 +13:00 GMT,203.167.176.243:0,203.79.71.31:0,ICMP (type:3/subtype:2)

your help is appreciated

22-11-2001, 02:18 AM
I recently found this great tool that works along with Zonealarm and gives you lots of info and options to analyse and deal with the things that Zonealarm blocks. Whats even better is that it is totally free. Works with 98 and 2000 on my system, not sure about XP but heres the address http://www.visualizesoftware.com/

Every Zonealarm user should have this if only to raise their sense of safety and security online. Whois and Backtrace as well as an auto email complaint function are just some of the great features built in.