Does anyone know of a good link for tracing the hits that ZoneAlarm has stopped ? Any help would be appreciated, thanks. :D

If im right in thinking you want to trace the IP 's blocked by zonealarm, you can use
www.all-net-tools.com
under network tools.
Or you can use ms-dos prompt and type
tracert ip address
i.e
c:\windows>tracert 123.456.789

Originally posted by dustie
Does anyone know of a good link for tracing the hits that ZoneAlarm has stopped ? Any help would be appreciated, thanks. :D
I use "NeoTrace" which is excellent! It displays a map and highlights where in the World you live and shows you the trace while it's being done and makes lots of noises. :D

It then gives you the registrant and network of the trace. You can download a free copy from www.neoworx.com/

Hope this helps. :)

uk_trader and lazza, thank you much for your help, it's just what I need.

Hope that sometime I can return the favor.
dustie :beer: :beer:

:D
You could also go to the visualroute server this gives a map of the world and shows where the trace originated from

http://visualroute.visualware.co.uk/

Most of these 'pings' are normal 'feeling' of Internet routers trying to update their memory of 'where they are'.

If this didn't happen, your message packets could not be 'routed' in the fastest direction, or even the correct direction.

Every packet sent carries a 'time to live' element, if it couldn't be routed effectively, it wouldn't get to it's destination.
(If packets didn't have this 'Time to live' element, then lost or 'corrupt address' packets would travel around the Internet forever. The network would be busy at all times with these 'nowhere to go' packets).

I reckon less than one in a thousand of these detected pings are from a dubious source, and with 'Zone Alarm' installed, you don't need to worry anyway.

Procode.

While that may be true, by tracing the blocked traffic you can work out your self if it's suspicious or not. If you keep blocking traffic from the same IP for example its worth checking . As for not worrying coz zonealarm's installed nothing is 100% secure especially zonealarm. Im not saying zonealarm is no good just that nothig is 100%. I once thought no one could get in my comp because I was using zonealarm until a m8 of mine and I were discussing firewalls and there security on ICQ (hes on offline m8, Im not stupid) said wait 5 mins and your browser will open at goole and sure enough it did.

I'd bet you have clicked on 'allow' (or 'OK') to something that eventually gave your 'mate' the opportunity.

Once you give permission, next time you will be reminded that this XXXX has been granted permission before ! (must be OK then ?)

Or do you always check what/where everything is, every time.

I don't work for Zone Alert/Alarm nor do I have any connection with them - but I do believe it is an excellent product (and would gladly accept a free improved version from them).

It's weakness is the human factor, (how many of us have read the how to's even ?), I ALWAYS say NO, unless I'm absolutely certain, it'll always ask again.

Procode.

Nah m8 I always have to give it permission. I even have to give my browser permission even when I click a link as that is another exploit for zonealarm for trojans to send information thyrough your web browser mail client etc when you have it to remember your answer. The incident happened when I was new to computer security, but now I know more about firewalls etc, and know that they are breachable. i.e youve got your browser allowed internet connection so youve got an open port (port 80) so there access to your machine. Fair enough he knew I was online which zonealarm would have prevented, Zonealarm does do a good job of protecting your comp but I was just raising the point that your computer is not unbreachable with any software firewall including za.

This is what I found with a quick search for zonealarm exploits. Again Im not bashing za I use it myself. Its just I used to think the same as you as do many millions of people on the net that youre un-hackable with a firewall youre not! The same also applies to other software firewalls.
http://rampages.onramp.net/~mbaska/Newsletter/n000424.htm
By the way Id still recomend zonealarm or an other firewall to be installed. It makes it harder to break into your machine not impossible. Any software is exploitable,

Going back up to the thread starter;
Did you know that the latest version of Zone Alarm Pro (v 2.6), will trace the blocked signal's IP address for you, if you wish !
Procode