cancel
Showing results for 
Search instead for 
Did you mean: 

Firewall Logs (ZA)

Pegasus56
Grafter
Posts: 29
Registered: 30-07-2007

Firewall Logs (ZA)

Copy/Pasted from Customer Feedback!:

Before I start, first accept My Appologies if this subject has been Aired(& Asnwered) before.

I am New to Free Online (been on BB since 17-10-03), and every time I connect I take a look at My Zone Alarm Log to find out How Active it has been.

Since changing to Free Online BroadBand I have noticed a change in the Log Reports, I find that My ZA Firewall is Blocking 100+ per Hour(I have it set to Display the last 100 Reports) everytime I am Online.

ALL the reports are from DNS Addresses at:

plus.com

cscoms.com

force9.co.uk

Most are just 'Echo Request Pings' which are probably nothing to worry about, what I want to know is WHY am I getting so Many?.

P.S.
On My old Dial-Up I used to get Hits on My Firewall from All Around the World, at least this has Stopped! Wink
2 REPLIES
N/A

Firewall Logs (ZA)

There are a couple of threads on the other PlusNet company Forums which explain what is going on. Take a look at Pings from PlusNet for example (you can use the guest account to log on). You'll find other examples in their "Customer Feedback" forum, and the same is true of PlusNet's "Force9" brand.

plus.com and force9.co.uk will both definitely be PlusNet company users. I can't say I've heard of "cscoms.com" before, but I assume that's also connected with PlusNet in some way.

These pings became evident in a big way at the time of the "MS Blaster" worm. Basically where someone has a PC which is infected with the worm, it is trying to locate other PCs where it could go, and the "ping" is part of its discovery process.

As far as the RPC exploit of MS Blaster goes, the PlusNet companies (including Free-Online) are (were?) blocking ports 135 and 445 (if I remember correctly) which means even Windows PCs which have not had the software fix applied will receive a degree of protection. So, a PlusNet user might be able to detect your machine by pinging it, but the RPC request attempting to exploit the (possibly unfixed) security hole would be blocked by PlusNet / Free-Online.
Pegasus56
Grafter
Posts: 29
Registered: 30-07-2007

Firewall Logs (ZA)

taskforce9.

Thank You for Responding, i have had a look at the +net Forum thread that You gave!

The Only thing that Springs to Mind is ' When Will Someone develope an 20000volt Attachment that can be sent to the Originators of ALL these Virus/Worm/Trojan Nasties! Wink :lol: :lol: :lol: