Hot Downloads



The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: Zone Alarm high alert: what is the nature of

Zone Alarm high alert: what is the nature of 14 years 3 weeks ago #6542

  • saidfrh
  • saidfrh's Avatar Topic Author
  • Offline
  • Distinguished Member
  • Distinguished Member
  • Posts: 92
  • Thank you received: 0
Ip from several ports has set off high alert on the Zone Alarm. How can I find where is comming from?
The following is a high Alert log from Zone Alarm log viewer. The PC has an IP of; default gateway -linksys DSL router is . The rest of computers are turned off. I can not ping, which triggered the high alert. How can I find out where the 1.104 is coming from and its nature?

Rating High

Protocol Source Destination
TCP (flag:S)

Re: Zone Alarm high alert: what is the nature of 14 years 2 weeks ago #6559

  • sLz
  • sLz's Avatar
  • Offline
  • Frequent Member
  • Frequent Member
  • Posts: 38
  • Thank you received: 0
Good question saidfrh. Seen as how nobody's replied, I'll start it off hopefully, by giving a naif reply. Perhaps it's your MODEM's HFC IP doing something like trying to access its TFTP server, however the data is strangly being sent over the ethernet port instead of Coax/Fibre channel leading all the way back to your ISP...? I have no idea, just a maybe. *Hides in a corner and awaits criticism*.

Re: Zone Alarm high alert: what is the nature of 14 years 2 weeks ago #6566

I promise I wont criticize you :-P Anyways, from what I see, the IP address you are seeing must either originate from your internal network(it being inside the reserved address space) or it is being spoofed. It seems that whatever the host is querying is your netbios port on your computer and trying to establish a TCP connection and your computer is obviously denying or dropping the connection.

So I ask you this, are you sharing any files or folders on your private network? are you perhaps using wifi(could be a wardrive trying to access your internal network that happens to deny echo_requests(ping))? have you tried checking what computers are participating in your windows network by using the "net view" command in the cmd prompt? Also try scanning the suspected computer with something other then ping... try the windows port of nmap.. unless you got a linux box ;-). If you need anymore help, come up with a solution or discover information feel free to post it :-)
"He who breaks something to find out what it is, has left the path of wisdom."

Gandalf the Grey
  • Page:
  • 1
Time to create page: 0.164 seconds


Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V


  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup