Any computer geniuses out there? New firewall is alerting me to

numerous attempts (almost 200/day) to access my computer from remote sites. Few of the alerts give a web address and all give different IP addresses. How do I find out where these originate?

This is a free firewall from ZoneAlarm and I am stunned how much crap is coming up.

Not only that, it comes with a 2 week trial on this "cloaking device" that makes you less visible on the internet. Is this the same thing as using a router for DSL?

I got to thinking about that woman a few weeks ago who is a poster at DU and has ended up on Asscraft's list at the airport security checkpoints. The only thing she could think of that put her on the list is DU...so, is this how they find us, even with anonymous screen names?

attacks.

But I still see attempts made once in a while. (one attack/month?)

I'd also recommend hardware solutions above software. Even if it costs more.

It's $39.95 to buy this total package (firewall is free). Do both? Or just the hardware router?

I had no idea how much stuff would try to find me online. Some of the alerts come with partial web addresses and I've been able to look up a few of them: mostly Japanese gaming and porn or other DSL suppliers.

How can I figure out who is making all these attempts?

Do you know how I can activate it?

I've been having computer freeze-up on my laptop. I decided to get rid of my windows firewall and mcaffee antivirus to see if they were causing it. I think it was the firewall because I took that off last, and so far, several hours later, no freeze. Now I feel darned naked, and need help.

I would truly appreciate it if you or someone can please advise. :)

you need to know how to chain proxies together. To do that you really need broadband though.

If you are on a dynamic IP the alerts might be because another 'puter has been trojaned. If you are on a static IP it might be a hack.

If the firewall drops the packets no problem though because it won't respond to port scans or pings. Log off and surf again. If the scans/pings persist post on the Computer Group and post the log details.

edit: don't post your IP if you post the log info'...security risk.

How do I know if I have a dynamic or static DSL?

run some major spyware scans and clean your computer up.

Read some of the older posts here..the ones on the bottom.
Download the recommended programs, update them, then scan your computer. You most definately need Ad-Aware SE and Spybot Search and Destroy.

If you have spyware programs installed, they will constantly be dialing "out" to home base...and once "home base" has your computer's IP address, they will constantly be dialing back "in" to get the latest info from your computer. Use the programs listed to kill the process.

http://groups-beta.google.com/group/SPYWARE-Killers

I have been running those programs for a very long time, update regularly, and about 2 weeks ago, followed a clean-up method recommended by MajorGeeks that took hours (running things with system restore off, hidden files open, two different virus detectors in addition to what I already have running, the whole ball of wax). Found a few things with this method, but otherwise I was clean except for some other stuff that got my windows media player.

It seems that now I have all that stuff gone, it's STILL happening. A friend told me to get a router. I am assuming I have a static DSL (how can I tell?). Is the router what makes it dynamic?

AVERT stinger, CCleanup, SpywareBlaster, jeez, aside from learning about Linux or getting a Mac, I don't know what else to do.

... there are computers all over the world. There are bored teenagers all over the world. They write trivial programs that just sequence through random (or a series of) IP addresses, looking for a computer that will answer their request.

Do not get the mistaken impression that those attempts to get into your computer are targeted at you personally, that is very highly unlikely. They are just coming from hackers looking for computers to host trojans or computers to steal salable info (credit card #s and such) or just to create mischief.

If you are using DSL, (static or dynamic IP - doesn't really matter) get one of those $40 gateway/routers and be done with it.

Which is worse? I don't know. Suppose the drugs. Can't we find something for them to do? Sigh...

Thanks. I think I am going to go get a router tomorrow. What should I look for?

... of them will work fine. Some might be a little easier to configure and get going than others.

I use a LinkSys, it is very easy to set up and it's never hiccuped once :)

firewall, or do I have to set it up to have one? I can't seem to find the aswer at Linksys. Please help! Thanks!

... has a feature/function called "block WAN request" or similiarly named feature.

What this mean, somewhat simplified, is that the router will only "answer" or "forward" packets in an IP conversation that YOU initiated.

That means you have to establish a TCP/IP connection, no-one from the outside can do so. If the router gets a request from an address it is not already talking to, it ignore it completely.

This is the default action for probably all similar devices - you should be ok.

Windows firewall that I would be open to attack. I wonder if it was the routers firewall and windows firewall being incompatible that caused my hard drive to freeze.

to launch DNS attacks, hack into networks using your IP etc. Most networks are protected against DNS attacks these days.

It's usually script kiddies that use port scanners for that purpose though. These days war drivers, chalkers etc get in through wireless networks. They'll sit outside a node with a laptop.

Not that it doesn't work, but that it is too sensitive...

Just what I've heard from friends, never used it myself.

I'm on a MAC, so I don't have such problems....NOW.
But that damn iPod is so popular, people are starting to buy more Macs...
and that new Mini might just bump Apple above 5% of marketshare next year, and then the damn evildoers are gonna notice us and THEN it's just a matter of DAYS until Mac users get hit with a wave of viruses and malignant cookies...

Hey: I just said "Malignant Cookies"....great band name!

There are a number of features that don't work now that I have it (moving smilies on DU, links out of my email to trusted sites). But there have been so many attempts to access my computer that I am going to stick with this until I know more about what's happening.

So Mac might be out...Linux?

This means that if something tries to access your computer through any port, it ignores the request rather than refusing it (refusing the request shows that there is a computer there).

http://www.geektools.com/whois.php

Most of the time, these are random ad server attempts or little rat bastards living in their mommy's basement with nothing better to do. The ZA blocked them, sweat not. In a year, I've had 511 access attempts blocked, 46 of which were high rated. Think what would have happened without ZA?

I'm going to check out this site.

https://grc.com/x/ne.dll?bh0bkyd2
Read and proceed. There's a lot of useful stuff. You can scan all ports to check your firewall. Also, there's info and tools for any problems you may find.