Re: XP's Firewall



<snip>

The following is an example of what Zone Alarm Professional blocked recently:

Incident ID: 215790290
Source IP: 219.131.68.193
Source ISP: chinanet.cn.net
Incident Score:41300
Status: Your event report, in conjunction with other submitted events of this type, has been escalated to the party responsible for the IP address involved.
Response: No response has been received from the party responsible for the IP address.

inetnum: 219.128.0.0 - 219.137.255.255
netname: CHINANET-GD
descr: CHINANET Guangdong province network
descr: Data Communication Division
descr: China Telecom
country: CN
admin-c: CH93-AP
tech-c: IC83-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINANET-GD
status: ALLOCATED NON-PORTABLE
changed: hostmaster@xxxxxxxxxxxxxxxxxx 20020424
changed: hm-changed@xxxxxxxxx 20041207
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@xxxxxxxxxxxxxxxxxx
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: lqing@xxxxxxxxxxxxxxxxxxx 20051212
mnt-by: MAINT-CHINANET
source: APNIC

person: IPMASTER CHINANET-GD
nic-hdl: IC83-AP
e-mail: ipadm@xxxxxxxxxxx
address: NO.1,RO.DONGYUANHENG,YUEXIUNAN,GUANGZHOU
phone: +86-20-83877223
fax-no: +86-20-83877223
country: CN
changed: ipadm@xxxxxxxxxxx 20040902
mnt-by: MAINT-CHINANET-GD
remarks: IPMASTER is not for spam complaint,please send spam complaint to abuse@xxxxxxxxxxx
source: APNIC

Source IP Address 219.131.68.193 The IP address of the computer that sent the packet which caused the alert.
Source Port 33389
The port used by the source computer when sending the packet.
Destination IP xxx.xxx.xxx.xxx
The IP address of the computer to which the packet was sent.
Destination Port 21
The port on the destination computer used to receive the packet.
TCP Flags SYN
Flag indicating the start of an Internet or network connection.
Transport Layer Protocol TCP
The protocol that allows data to be transported between software programs on different
computers.
Network Layer Protocol IP
The protocol that allows two networked computers to locate each other on a network.
Link Layer Protocol Ethernet
The protocol that allows two directly linked computers to share a network cable.
Alert Date Aug-23-2006 03:58:45 PM PDT
The time when ZoneAlarm Pro detected the alert on your computer.
Alert Count 1
Number of times this connection attempt repeated its attempt on your machine
after the original alert. ZoneAlarm Pro shields your machine from repeated displays of an
identical alert.

BTW, I am still waiting for an article or documentation on how the Windows Firewall is better than the Zone Alarm Professional Firewall.
.