I've found a complementary product to ZoneAlarm to be ZoneLog. It is
shareware, available from
http://zonelog.co.uk/
This imports the log file created by ZoneAlarm and gives a handy overview of
intrusions. It includes the date, time, IP address (and can resolve
individual addresses upon request), as well as categorizing the type of
intrusion (Unknown, Harmless, Attack, DOS, Scan, Trojan, Outgoing). It
would be nice if this were included with ZoneAlarm, but it isn't.
Ron Jobe
----- Original Message -----
> Hi all,
>
> I guess I'm just brain-dead this week! When I get an alert in Zone Alarm
that someone tried to connect to my
> machine, I copy the IP# and paste it at
http://www.mse.co.jp/ip_domain/index_e.shtml
>
> However, this rarely tells me anything that I can make sense of - I guess
I just don't know how to interpret
> the info.
>
> Can someone offer a better IP or Whois search site, and explain how to use
it to get understandable info? For
> example, telling me that it's a NTCBLK from Korea does nothing for me, but
telling me it's a porn site with a
> name would be far more useful. (Not that moi ever visits porn sites! ;-)
Thanks in advance for any
> suggestions, and forgive my brain-dead questions!
>
> Al Thompson
The NOSPIN Group Promotions is now offering
Mandrake Linux or Red Hat Linux CD sets along
with our NOSPIN Power Linux CD... at a great price!!!
http://freepctech.com/goodies/promotions.shtml
|