Results 1 to 3 of 3
  1. #1

    ZoneAlarm along with LinkSyS

    Questions about setting up ZoneAlarm along with LinkSyS:

    LinkSys using port forwarding: 80, 53, 25, 110

    Services: HTTP, DNS, POP, SMTP

    In ZoneAlarm, I set my firewall to HIGH.

    and Custum these values:

    ALLOW INCOMING TCP: 80, 53, 25, 110
    ALLOW OUTGOING DNS (53) (checked)

    Am I doing this right? Do I need other settings?

    Do I have to let outgoing TCP for port 80? What does this do?

    FWOUT,2002/10/05,09:28:14 -4:00 GMT,,,TCP (flags:R)
    FWOUT,2002/10/05,09:45:44 -4:00 GMT,,,TCP (flags:R)
    FWOUT,2002/10/05,10:11:14 -4:00 GMT,,,TCP (flags:R)

    I notice my out bound traffic are blocked.


    FWOUT,2002/10/05,07:16:02 -4:00 GMT,,,UDP
    FWOUT,2002/10/05,07:25:42 -4:00 GMT,,,UDP
    FWOUT,2002/10/05,07:55:46 -4:00 GMT,,,UDP
    FWOUT,2002/10/05,08:33:00 -4:00 GMT,,,UDP
    FWOUT,2002/10/05,08:35:56 -4:00 GMT,,,UDP

    Why there is so much activity on port 137 in terms of IN and OUT. I believe that port is stealthed and not forwarded.


  2. #2
    All I had to do on Zonealarm is tell it what IP range that the local LAN was using.

    I did not change anything on the LinkSyS but the logon password.

    I have seen IP address hit my web site and if you go to that IP you get the persons router. Some people don't change the passwords and some don't have passwords set at all.
    Dale Crow
    GH1 Web Hosting, Inc.
    The attention span of a computer is only as long as its power cord.

  3. #3
    Join Date
    Jul 2002
    Atlanta, Georgia
    the bugbear worm is what is causing the scans on port 137 (netbios)... its other systems infected with the worm, looking for another system with that port open, for the worm to propogate further...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts