Archive Date
[ 07-12-2000 ]
Category
[ Information Technologies ]
Sub-Category
[ Computers ]
[http://msn.zdnet.com/msn/zdnet/story/0%2C12461%2C2650732-hud00025inmn3%2C00.html
Understanding ZoneAlarm's Security Alerts
Use ZoneAlarm's security alerts to nab hackers trying to access your computer.
By Bruce Stewart, Help & How-To
Connecting to the Internet without some level of computer security could leave your system open to hacker attacks. If you've decided to protect your PC with ZoneAlarm, rest assured that you've chosen one of the best firewall protection programs out there.
In this article, we'll look at troubleshooting the security alerts that ZoneAlarm provides during a typical session. It's not always totally obvious what ZoneAlarm is trying to tell you when it intercedes on your behalf. Hopefully, these tips will help you to understand and better deal with ZoneAlarm's findings.
Alerts During Install
ZoneAlarm is a serious, yet straightforward security system, and the installation and setup procedures are a breeze compared to most firewall products. For more information on the initial setup of ZoneAlarm, read this how-to on installing ZoneAlarm. For the purpose of our troubleshooting, we will assume all the recommended settings from this article are in place.
Right off the bat, ZoneAlarm will ask you to grant permission to any program on your computer that is trying to establish an outside connection. If you've just installed ZoneAlarm, be prepared for a slew of such dialog boxes as ZoneAlarm gets acquainted with your favorite Net-savvy applications. To avoid these questions in the future, check the "Remember the answer each time I use this program" box when you grant permission to the program (by answering Yes in the dialog box).
Expect to spend a few minutes authorizing access for applications like your e-mail program, Web browser, chat clients (AIM, MSN Messenger, etc.), media players, and any other programs looking to make outside connections. You'll probably discover a few more of these alerts over the next few days of normal computer use. Soon enough, though, ZoneAlarm will recognize the Internet applications you regularly use and stop pestering you with the "Do you want to allow (program name) to access the Internet?" dialog boxes.
Receiving Security Alerts
Now, it's time to start paying more attention to the alerts that ZoneAlarm provides you. Whenever ZoneAlarm notices any unexpected access attempts to your computer system, it generates a security alert. If you are using the recommended settings, these alerts will pop up on your display in front of whatever application you are currently using. Ultimately, ZoneAlarm will deny access to this application.
With ZoneAlarm's security settings at High, your computer is on the Internet in "stealth mode." This means that ZoneAlarm hides all the ports not currently in use, and won't respond to any requests, or pings, on these ports. However, ZoneAlarm will pay attention to where the request is coming from, and inform you of some of the details in the alert pop-up dialog box.
The initial dialog box will give you the type of access request and the IP number of the computer making the request, as well as the time and date of the request. Since most people don't keep too many IP numbers floating around their heads, this information probably doesn't help in knowing the origin of the request.
Analyzing Security Alerts
Luckily, Zone Labs realizes this issue, and has implemented a handy way of helping you troubleshoot your alert messages. Most alerts will have a More Info button at the bottom of the dialog box; pressing this button will call up a Web page at Zone Labs's site that will help you further analyze the information. Alternatively, you can go to the Alerts section of the ZoneAlarm program and cycle through all the alert messages you have received since last clearing the log. When accessed this way, these alert messages will also display the More info button.
Once you press More info, your browser will be directed to a special page that will already have more details about that particular alert message. You'll again see the IP number involved, but this time there's a helpful "Who is this?" link under it. This link will open up another browser window and perform a WhoIs search from Arin.net. This search will usually attach a name to the IP address. You'll also get a detailed explanation from ZoneAlarm about the possible causes of the alert, as well as a list of additional resources.
If the name is as meaningless as an IP number to you, another good option is to try entering the name into your favorite search engine and see what it comes up with. In one case, I was able to track down an unknown request to a known spammer that hosts pornographic sites, by searching for the name in Google. Now what were they doing trying to access my computer? I'll probably never know exactly, but it is comforting to know that ZoneAlarm kept my computer from responding to the request.
A Final Look
One way to get a good look at ZoneAlarm security alerts is to open a peer-to-peer application, such as Napster. Immediately, a flurry of requests to your system will generate alerts like the following:
The firewall has blocked Internet access to your computer [ICMP Echo Request ['Ping']] from xxx.xxx.xxx.xxx.
These alerts recognize other Napster users trying to access your files, which is, of course, how that type of system operates. To avoid these messages and allow the connections, go to the Programs section of ZoneAlarm and allow Napster to act as a server.
Remember that as long as you have your security settings on High in the ZoneAlarm preferences, you really don't have anything to worry about - none of these spurious requests will get a response. Indeed, one common reason for an unexpected incoming request is if you have recently disconnected from a server less than gracefully, and that server is checking to see if the connection is still alive. If the IP number resolves to the name of a server you were recently downloading from, the server will figure out the connection is over rapidly on its own.
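The triage steps described above (note the source address, look it up with WhoIs, and check whether it is a server you were recently connected to) can be applied to a whole batch of saved alert text at once. The following is an added example, not part of the original article or of ZoneAlarm: it parses only the alert sentence quoted above, and the `recent_servers` list, the function names and the sample addresses are assumptions made for illustration.

```python
import ipaddress
import re
from collections import Counter

# Sentence shape quoted in the article; other alert wordings are not handled.
ALERT_RE = re.compile(
    r"The firewall has blocked Internet access to your computer "
    r"\[(?P<kind>.+)\] from (?P<ip>\d{1,3}(?:\.\d{1,3}){3})\.?\s*$"
)
# Private, loopback and link-local ranges: not registered to an outside party.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def parse_alert(line):
    """Return (kind, address) for a recognised alert line, else None."""
    m = ALERT_RE.search(line)
    if not m:
        return None
    try:
        return m.group("kind"), ipaddress.ip_address(m.group("ip"))
    except ValueError:  # octet out of range, e.g. 999.1.1.1
        return None

def triage(lines, recent_servers=()):
    """Count alerts per source and suggest the next step for each source."""
    recent = {ipaddress.ip_address(a) for a in recent_servers}
    counts = Counter(p[1] for p in map(parse_alert, lines) if p)
    report = {}
    for ip, n in counts.items():
        if ip in recent:
            step = "recent server, probably checking a dropped connection"
        elif any(ip in net for net in LOCAL_NETS):
            step = "local or private address, WHOIS will not identify it"
        else:
            step = "look up the owner with WHOIS"
        report[str(ip)] = (n, step)
    return report

# Constructed sample log; 203.0.113.x and 198.51.100.x are documentation
# addresses standing in for public hosts.
PREFIX = "The firewall has blocked Internet access to your computer "
SAMPLE = [
    PREFIX + "[ICMP Echo Request ['Ping']] from 203.0.113.7.",
    PREFIX + "[ICMP Echo Request ['Ping']] from 203.0.113.7.",
    PREFIX + "[ICMP Echo Request ['Ping']] from 198.51.100.20.",
    PREFIX + "[ICMP Echo Request ['Ping']] from 192.168.1.5.",
    PREFIX + "[ICMP Echo Request ['Ping']] from xxx.xxx.xxx.xxx.",  # masked, skipped
]

if __name__ == "__main__":
    for ip, (n, step) in triage(SAMPLE, ["198.51.100.20"]).items():
        print(f"{ip:15} x{n}  {step}")
```

Repeated alerts from one address collapse into a single row with a count, so a flurry like the Napster case reads as a handful of sources rather than dozens of pop-ups.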
Copyright (c) 2000 ZD Inc. All Rights Reserved. ZDNet and ZDNet logo are registered trademarks of ZD Inc. Content originally published in Ziff Davis Media publications is the copyrighted property of Ziff Davis Media. Copyright (c) 2000 Ziff Davis Media. All Rights Reserved. Titles of Ziff Davis Media publications are trademarks of Ziff Davis Publishing Holdings Inc. ]