Re: I have too much firewall activity
From: Dennis Lazo (email_at_dennislazo.com)
Date: 08/28/04
- Next message: Lanwench [MVP - Exchange]: "Re: I have too much firewall activity"
- Previous message: Shenan Stanley: "Re: CD "Incorrect function""
- In reply to: Ian: "Re: I have too much firewall activity"
- Next in thread: Ian: "Re: I have too much firewall activity"
- Reply: Ian: "Re: I have too much firewall activity"
- Messages sorted by: [ date ] [ thread ]
Date: Sun, 29 Aug 2004 00:17:54 +0800
ian,
you are welcome.
the level of activity should not slow down your computer or internet
activity as these "probes" are so minimal you won't even notice. in fact,
you may not have even noticed it at all if you were not scanning the logs,
right? LOL!
anyways, it is good that you have a firewall. port scans may be done by
crackers, worms, trojans, etc, to see if your computer is "on the net" and
if they could "invade" you. a good firewall can block all the scanning and
make the prober believe that your computer is in fact not connected to the
net.
also, it would be wise if you could block ping and icmp echo.
if you would like to check if your computer is "not available to everyone"
you may check https://www.grc.com/x/ne.dll?bh0bkyd2
hope this helps.
-- Regards, Dennis Lazo the email address from where this message has been sent from is unmonitored. your replies may not be received. replies may be sent at http://dennislazo.com/email/. information herein is provided as is with no warranties, and confers no rights. "Ian" <ipember@removethisfirst.msn.com> wrote in message news:%23gErLlRjEHA.3456@TK2MSFTNGP12.phx.gbl... > Thanks, very helpful. Does this high level of activity slow down my > computer or internet connection though? > > Ian > > -- > > > > > "Dennis Lazo" <email@dennislazo.com> wrote in message > news:%23af$xhRjEHA.636@TK2MSFTNGP12.phx.gbl... >> ian, >> >> your activity log shows nothing out of the ordinary. port 445 is >> basically the port that other computer checks if you are on a network and >> is done basically by other computers on the same network that you are. >> however, as some firewalls do not have outbound blocking (like windows >> firewall), there will be computers which will be probing port 445 of >> other computers even when they are not on the same network. >> >> more info on port 445: >> http://grc.com/port_445.htm >> >> hope this helps. >> -- >> Regards, >> Dennis Lazo >> >> the email address from where this message has been sent from is >> unmonitored. >> your replies may not be received. replies may be sent at >> http://dennislazo.com/email/. >> information herein is provided as is with no warranties, and confers no >> rights. >> >> >> >> "Ian" <ipember@removethisfirst.msn.com> wrote in message >> news:%23dLdvbRjEHA.2764@TK2MSFTNGP11.phx.gbl... >>> In my firewall logs, I am getting information sent to my computer every >>> 4 secs or so. I am currently using the new XP SP2 firewall but I also >>> got the similar activity when I used Zonealarm. The IP addresses vary >>> but tend to start with 81.156, as an example: >>> >>> >>> 2004-08-26 22:08:30 DROP TCP 81.156.185.233 81.156.58.12 4141 445 48 S >>> 3869061011 0 65535 - - - RECEIVE >>> 2004-08-26 22:08:36 DROP TCP 81.156.249.172 81.156.58.12 4195 445 48 S >>> 1738999339 0 65535 - - - RECEIVE >>> 2004-08-26 22:08:36 DROP TCP 81.156.249.172 81.156.58.12 4199 1433 48 S >>> 1739036499 0 65535 - - - RECEIVE >>> 2004-08-26 22:08:39 DROP TCP 81.156.231.115 81.156.58.12 4316 445 48 S >>> 4243233531 0 65535 - - - RECEIVE >>> 2004-08-26 22:08:39 DROP TCP 81.156.249.172 81.156.58.12 4195 445 48 S >>> 1738999339 0 65535 - - - RECEIVE >>> 2004-08-26 22:08:39 DROP TCP 81.156.249.172 81.156.58.12 4199 1433 48 S >>> 1739036499 0 65535 - - - RECEIVE >>> >>> I have set my firewall settings to allow echo or ping, but as you can >>> see I still get plenty of activity. I have AVG antivirus up to date >>> and also use Pandascan antivirus web checker and I run spybot and >>> lavasoft adaware often. can anyone help? >>> >>> >>> >>> -- >>> >>> >>> >>> >>> Ian >>> >>> >>> --- >>> Outgoing mail is certified Virus Free. >>> Checked by AVG anti-virus system (http://www.grisoft.com). >>> Version: 6.0.745 / Virus Database: 497 - Release Date: 27/08/2004 >>> >> >> > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.745 / Virus Database: 497 - Release Date: 27/08/2004 >
- Next message: Lanwench [MVP - Exchange]: "Re: I have too much firewall activity"
- Previous message: Shenan Stanley: "Re: CD "Incorrect function""
- In reply to: Ian: "Re: I have too much firewall activity"
- Next in thread: Ian: "Re: I have too much firewall activity"
- Reply: Ian: "Re: I have too much firewall activity"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
