I've recently installed Zone Alarm Pro and i keep getting this message all the time from different ip addresses but what is the TCP port they keep trying to get in?? The port number keeps changing, am i safe from attacks? I use a dial up connection so my ip address is always different, but these attacks seem regular. I get about 4-6 every couple of mins. ocasinally i get ping requests in an orange box not like the red one.

<IMG SRC="http://www.btinternet.com/~robert.taylor2001/zone.jpg" border=0>

any advice guys? thanx RobUK

When I first installed ZoneAlarm, I thought I would have a coronary at all of the hits I was getting. I still do not understand all of the reports from Zone, but most are from web sites that you may have connected to and left.

In the recent couple of weeks, the hits have increased dramatically...I am now getting about 5 hits per 15 minutes. The more known IPs of the major servers will get the most hits.

Main thing is, learn how to setup ZoneAlarm for its max protection, and do not get paranoid. I keep mine set to max security, and do not allow anything server priviledges unless necessary. Keep it locked, and most apps that have to get by, Zone will ask you if thats ok. Of course, Zone is not bullet proof, but is about as good as any firewall at the present.

Go here and test your security setup...and if you have it configured correctly, you will get a clean bill of health...but, just understand that its not totally safe...I don't think there is any way to be totally safe...even the government with all of the experts they have protecting their stuff, still get hacked. For your ease of mind, most hackers are not interested in us pions.


Look for the "shields Up" icon. There are two tests to run, where this site will attempt to get into your machines ports...after which you will get a report letting you know how well you are protected.

http://grc.com/default.htm


[This message has been edited by Bovon (edited 08-07-2001).]

You'll be getting a lot of hits due to the Code Red Virus.
Click on the box that says "Don't show this dialog again" to keep the box from showing up everytime you get pinged.
You can still clear and view the alerts by double clicking the ZA icon in your system tray and viewing the Internet Alerts.
Until the Code Red virus is cured from the ISP servers you will keep getting pinged.

Road Runner cable has already started on a fix. They were nice enough to email me last night.

If your running WinNT or 2k there is a link for the virus under the Network forum.

Win 9X, ME, 3.1 are not affected.

Although the Code Red Worn is not a danger to the Win98, Win98SE, WinME or 3.1 OS's, be aware that it will play havoc with your internet surfing... don't start messing about with your computer or internet setting if your surfing is disrupted. I have found the internet very slow b/c of Code Red.

Try this add on program for ZA. http://zonelog.co.uk . It will describe what kind of attack it is.
You can also down load a program called Sam Spade form http://www.samspade.org/ . This will allow to to trace the attacks

korgul, Thanks...I D/L Zonelog and that sure helps understand the hits. The colors of the imported hits tell you right away if you should be concerned. Now, if I could figure out what the 'flag S' is, and what is static or noise type of hits...I think I'll feel a lot more comfortable.

In the help files for zonelog it lists what each flag letter is.....

Sadly, it's pretty generic though.

[This message has been edited by prttybean (edited 08-08-2001).]