Firewall
alert Firewall
alert |
For detailed information about the contents of the alert box, see the related topic Alert details. |
Firewall alerts occur when ZoneAlarm Pro blocks an incoming or outgoing packet because of the port and protocol restrictions set in the Firewall panel.
Firewall alerts can be caused by harmless network traffic, for example, if your ISP is using ping to verify that you're still connected. However, they can also be caused by a hacker trying to find unprotected ports on your computer.
If the alert was probably caused by harmless network traffic, the alert has an orange band at the top. If the alert was probably caused by hacker activity, the pop-up has a red band at the top
When you see a Firewall alert, there's nothing you have to do to ensure your security.
To dismiss the alert box, click OK. By doing this, you're not allowing any traffic in or out of your computer.
If you're interested in learning more about the alert, for example, the common uses of the port it was addressed to, or the likelihood that it stemmed from hacker activity, click the More Info button. This submits your alert information to Zone Labs' AlertAdvisor, which analyzes the information and provides the most likely explanation.
To have ZoneAlarm Pro enforce firewall security without alerting you, turn off the display of informational alerts. How?
If you are receiving a lot of firewall alerts, but you don't suspect you're under attack, try the following troubleshooting steps:
If you're on a home or business network, and your Trusted Zone security is set to high, normal LAN traffic such as NetBIOS broadcasts may generate firewall alerts. Try lowering Trusted Zone security to medium. How?
Repeated alerts may indicate that a resource you want to trust is trying repeatedly to contact you.
Try the procedures suggested for managing ISP heartbeat.
By default, ZoneAlarm Pro only displays high-rated firewall alerts. If your defaults have been changed, you may see a lot of medium-rated alerts. Try setting your alert display settings to medium. How?
packet
A single unit of network traffic. On "packet-switched" networks like
the Internet, outgoing messages are divided into small units, sent and routed
to their destinations, then reassembled on the other end. Each packet includes
the IP address of the sender, and the destination IP address and port number.
port
A channel in or out of your computer. Some ports are associated with standard
network protocols; for example, HTTP (Hypertext Transfer Protocol) is traditionally
addressed to port 80. Port numbers range from 1 to 65535.
protocol
A standardized format for sending and receiving data. Different protocols serve
different purposes; for example SMTP (Simple Mail Transfer Protocol) is used
for sending e-mail messages; while FTP (File Transfer Protocol) is used to send
large files of different types. Each protocol is associated with a specific
port, for example, FTP messages are addressed to port 21.
ping
A type of ICMP message (formally "ICMP echo") used to determine whether
a specific computer is connected to the Internet. A small utility program sends
a simple "echo request" message to the destination IP address, and
then waits for a response. If a computer at that address receives the message,
it sends an "echo" back. Some Internet providers regularly "ping"
their customers to see if they are still connected.
When
you see a Firewall alert, it means that ZoneAlarm Pro has protected you
by blocking traffic not allowed by your Firewall settings. By clicking
OK, you are not letting anything into your computer—you are
only saying "Yes, I've seen the alert."