Firewall and IP Address Trace
Guest
Posts: n/a
Firewall and IP Address Trace
Following past postings on Zone Alarm I downloaded it and have been using it for a week and I have to say I'm impressed.
It doesn't seem to have slowed anything down and I have had a few alerts (though not as many as other people had reported).
However, does anybody have any suggestions on good tracer programs to try to identify who is trying to get into my system? I'm happy that zone alarm is stopping them but I'd like to know who they are.
It doesn't seem to have slowed anything down and I have had a few alerts (though not as many as other people had reported).
However, does anybody have any suggestions on good tracer programs to try to identify who is trying to get into my system? I'm happy that zone alarm is stopping them but I'd like to know who they are.
Guest
Posts: n/a
You could try http://www.samspade.org who does a programme called "SamSpade" There is also a web page called checkdomain.com.
Guest
Posts: n/a
This program called Black Ice Defender was recommended in The Times a few weeks ago. The number of hits that it shows my PC is taking is very disconcerting but I haven't yet figured out what to do about it. Well worth trying out.
http://www.networkice.com
[This message has been edited by fobotcso (edited 22 July 2000).]
[This message has been edited by fobotcso (edited 22 July 2000).]
[This message has been edited by fobotcso (edited 22 July 2000).]
http://www.networkice.com
[This message has been edited by fobotcso (edited 22 July 2000).]
[This message has been edited by fobotcso (edited 22 July 2000).]
[This message has been edited by fobotcso (edited 22 July 2000).]
Guest
Posts: n/a
I use BlackIce and found it easier than any of the others.
Regarding fobotcso's comment, go to the intruders tab and right click on the attack and you can block the offender as you require.
To test your system go to http://grc.com/ and try, you will have to download a small (20kb) file to help them make sure they are checking your machine. They also have a program called 'Opt Out' which removes a lot of 'spy' programs from your system. Worth doing.
Regarding fobotcso's comment, go to the intruders tab and right click on the attack and you can block the offender as you require.
To test your system go to http://grc.com/ and try, you will have to download a small (20kb) file to help them make sure they are checking your machine. They also have a program called 'Opt Out' which removes a lot of 'spy' programs from your system. Worth doing.
Guest
Posts: n/a
Thanks for the response people.
I have downloaded neotrace but am not sure how to use it properly - well without a flight manual I'm snookered.
It seems to be a program geared more towards tracing faults in the routing of a message transfer rather than tracing an idividual address. But, like I say I don't know how to use it properly. Any tips please.
HP
Ps Does zone alarm interfere with it??
I have downloaded neotrace but am not sure how to use it properly - well without a flight manual I'm snookered.
It seems to be a program geared more towards tracing faults in the routing of a message transfer rather than tracing an idividual address. But, like I say I don't know how to use it properly. Any tips please.
HP
Ps Does zone alarm interfere with it??
Guest
Posts: n/a
Hoover Pilot, I am no expert on these things and so what I offer here is no more than my experience to date.
The ZoneAlarm Firewall (Free) IMHO does the job very well and if you have checked the box on the Alerts menu to log alerts to a text file then you have a record too, rather than keep on getting the popup alert which after a while is a pain.
I too used to worry about who was hacking little old me in the big www. But it is probably nothing more than a random scanner sweeping past you and thousands of others.
It is I believe still illegal though!
However if you are still interested in who, then Neotrace is a great program to use (including world maps) and here is how to look up a 'Whois'.
Place IP address into Neotrace address box (including all points) and trace.
On the List menu place your cursor over the final node (ie.the one you are tracing) and right click to get a sub menu.
Then left click on Whois details... and the registration details of this IP address if known on this register is displayed.
Hope this was of some help.
Can I go and sleep now?
The ZoneAlarm Firewall (Free) IMHO does the job very well and if you have checked the box on the Alerts menu to log alerts to a text file then you have a record too, rather than keep on getting the popup alert which after a while is a pain.
I too used to worry about who was hacking little old me in the big www. But it is probably nothing more than a random scanner sweeping past you and thousands of others.
It is I believe still illegal though!
However if you are still interested in who, then Neotrace is a great program to use (including world maps) and here is how to look up a 'Whois'.
Place IP address into Neotrace address box (including all points) and trace.
On the List menu place your cursor over the final node (ie.the one you are tracing) and right click to get a sub menu.
Then left click on Whois details... and the registration details of this IP address if known on this register is displayed.
Hope this was of some help.
Can I go and sleep now?
Guest
Posts: n/a
Hey Zombie,
Thanks for the info. I've had a bit more success with neotrace by turning off zone alarm when I'm trying to trace something. However, I didn't know about the right click sub menu so that's a great help.
As an aside I do have the alert log enabled but in the passed week and a half I've only had one (yes one) attempt at getting into my computer. So I've left the pop-up box enabled because I'm geting hardly any pings.
Maybe no-one's interested in what I've got (story of my life!) or maybe it's not set up corectly - any thoughts??
Regards
HP
Thanks for the info. I've had a bit more success with neotrace by turning off zone alarm when I'm trying to trace something. However, I didn't know about the right click sub menu so that's a great help.
As an aside I do have the alert log enabled but in the passed week and a half I've only had one (yes one) attempt at getting into my computer. So I've left the pop-up box enabled because I'm geting hardly any pings.
Maybe no-one's interested in what I've got (story of my life!) or maybe it's not set up corectly - any thoughts??
Regards
HP
Guest
Posts: n/a
Hoover Pilot
The whole point is to keep the firewall up and running so as to (hide) fully use its protection. If you turn it off then it cannot help. After giving ZoneAlarm your permission for Neotrace to access the internet you should not have any more problems. You have done this haven't you. Yes you must have done this.
Can I go to sleep now?
The whole point is to keep the firewall up and running so as to (hide) fully use its protection. If you turn it off then it cannot help. After giving ZoneAlarm your permission for Neotrace to access the internet you should not have any more problems. You have done this haven't you. Yes you must have done this.
Can I go to sleep now?
Guest
Posts: n/a
I wouldn't be too concerned about having your ports sniffed once in a while. Far from someone trying to access your specific 'puter it's most likely some gob$hite kode kiddie with an off-the-shelf scanner trawling for what they can find. I admin a site and sometimes amuse myself watching all the mappets bouncing off our firewall, it happens too often to do much more than keep yr shields charged and up to date. Don't sweat it (unless u keep valuable secrets on a home pc in which case u deserve to be cracked), don't bother trying to trace them, do keep yr shields up.
[This message has been edited by desertbootz (edited 09 August 2000).]
[This message has been edited by desertbootz (edited 09 August 2000).]
Guest
Posts: n/a
For interest, I have installed Norton Personal Firewall II. I went to the GRC site and ran their test where they try to access your machine. Tight as a drum.
They reported that they could not even see the PC existed except on all but 2 ports. On those 2 they could see it existed but nothing else.
They reported that they could not even see the PC existed except on all but 2 ports. On those 2 they could see it existed but nothing else.
Guest
Posts: n/a
Any one out there offer any information about the advantages and disadvantages of ZoneAlarm v. PortIce 2.0 please?
Would they run side by side or interfere with each other?
[This message has been edited by addinfurnightem (edited 10 August 2000).]
Would they run side by side or interfere with each other?
[This message has been edited by addinfurnightem (edited 10 August 2000).]
Guest
Posts: n/a
None of the above will give you more than the isp address of the user of a particular IP number, that's why we dumped neotrace etc. in favour of http://checkdomain.com
ie, you won't get further than the ISP's name & address.
ie, you won't get further than the ISP's name & address.