Zone Alarm: is there a way to know...

Discussion in 'Computer Security' started by Michael O'Donnell, Mar 18, 2006.

  1. .... what is leaving the computer when all the outbound (red bars) are
    flashing, all the time?

    At this point, I know I have no virus, trojan, spyware etc. I have also
    turned off Automatic Updates in Windows XP (Home Edition), but as soon as I
    log on, the outgoing zone alarm bars start up... so I'm at a loss, and
    concerned.

    Is there a simple way to find out?

    Thanks in advance! I hope this made sense...

    Carmen
    Michael O'Donnell, Mar 18, 2006
    #1
    1. Advertising

  2. Michael O'Donnell

    Duane Arnold Guest

    Michael O'Donnell wrote:
    > ... what is leaving the computer when all the outbound (red bars) are
    > flashing, all the time?
    >
    > At this point, I know I have no virus, trojan, spyware etc. I have also
    > turned off Automatic Updates in Windows XP (Home Edition), but as soon as I
    > log on, the outgoing zone alarm bars start up... so I'm at a loss, and
    > concerned.
    >
    > Is there a simple way to find out?
    >
    > Thanks in advance! I hope this made sense...
    >
    > Carmen
    >
    >


    Long

    http://www.windowsecurity.com/artic...d_Rootkit_Tools_in_a_Windows_Environment.html

    Short

    http://tinyurl.com/klw1


    You can use the tools in the link above like Active Ports, Process
    Explorer and the other tools being mentioned and go look for yourself.


    Yes and ZA and other personal FW(s) can and do get beaten.

    Duane :)
    Duane Arnold, Mar 18, 2006
    #2
    1. Advertising

  3. Michael O'Donnell

    Jim Watt Guest

    On Sat, 18 Mar 2006 12:15:35 -0500, "Michael O'Donnell"
    <> wrote:

    >... what is leaving the computer when all the outbound (red bars) are
    >flashing, all the time?
    >
    >At this point, I know I have no virus, trojan, spyware etc. I have also
    >turned off Automatic Updates in Windows XP (Home Edition), but as soon as I
    >log on, the outgoing zone alarm bars start up... so I'm at a loss, and
    >concerned.
    >
    >Is there a simple way to find out?


    Click on the ZA icon and look see what applications are running, thats
    a good start.

    --
    Jim Watt
    http://www.gibnet.com
    Jim Watt, Mar 18, 2006
    #3
  4. Michael O'Donnell

    Guest

    Michael O'Donnell wrote:
    > ... what is leaving the computer when all the outbound (red bars) are
    > flashing, all the time?
    >
    > At this point, I know I have no virus, trojan, spyware etc. I have also
    > turned off Automatic Updates in Windows XP (Home Edition), but as soon as I
    > log on, the outgoing zone alarm bars start up... so I'm at a loss, and
    > concerned.
    >
    > Is there a simple way to find out?



    Well, you could try looking at the raw traffic...

    http://www.ethereal.com/
    , Mar 18, 2006
    #4
  5. Michael O'Donnell

    JW Guest

    You could have no viruses/worms/Trojans/spyware, and still have lots of
    outbound traffic when you log on. Depends on what you've got installed.

    E.g. if you have Yahoo Messenger installed, you will have lots of
    outbound traffic associated with the Bonjour Service installed with it.
    Windows Messenger will also quickly kick off outbound traffic.

    Anti-virus programs will also quickly kick off outbound traffic. At a
    minimum, you will have outbound traffic with Generic Host Process for
    Win32.

    To get specific answers for your PC, click on the Programs tab, and put
    question marks on all internet access for all programs, instructing Zone
    Alarm to ask your permission each and every time a program wants
    outbound access.



    Michael O'Donnell wrote:
    > ... what is leaving the computer when all the outbound (red bars) are
    > flashing, all the time?
    >
    > At this point, I know I have no virus, trojan, spyware etc. I have also
    > turned off Automatic Updates in Windows XP (Home Edition), but as soon as I
    > log on, the outgoing zone alarm bars start up... so I'm at a loss, and
    > concerned.
    >
    > Is there a simple way to find out?
    >
    > Thanks in advance! I hope this made sense...
    >
    > Carmen
    >
    >
    JW, Mar 19, 2006
    #5
  6. Michael O'Donnell

    Guest

    As already mentioned in the thread, you could have a look at the
    traffic using a sniffer, ethereal nearly being a standard today.

    This examination will give you a lot of information even if the data
    uses a home made protocol and/or encryption, such as volume, used
    layers, *destination*, etc.

    Doing whois queries on the destination addresses can help a lot.

    Kind regards
    Ludovic Joly
    , Mar 19, 2006
    #6
  7. Michael O'Donnell

    @lf Guest

    Michael O'Donnell wrote:
    > ... what is leaving the computer when all the outbound (red bars) are
    > flashing, all the time?
    >
    > At this point, I know I have no virus, trojan, spyware etc. I have also
    > turned off Automatic Updates in Windows XP (Home Edition), but as soon as I
    > log on, the outgoing zone alarm bars start up... so I'm at a loss, and
    > concerned.
    >
    > Is there a simple way to find out?
    >
    > Thanks in advance! I hope this made sense...
    >
    > Carmen
    >
    >


    Try to install NetLimiter 2 Monitor (freeware). www.netlimiter.com It
    will list all processes connected to internet together with destination
    IP and port used for communication. It will also log ammount of data
    transfer. You will easy see what is going on.

    You can also use netstat command in command prompt (Windows console) to
    see active connections.
    @lf, Mar 21, 2006
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. John
    Replies:
    0
    Views:
    2,208
  2. Neil
    Replies:
    174
    Views:
    3,256
    Briscobar
    Apr 17, 2006
  3. Patch

    Audible alarm in Zone Alarm?

    Patch, Aug 18, 2003, in forum: Computer Support
    Replies:
    4
    Views:
    1,134
    Patch
    Aug 18, 2003
  4. Jones

    Zone Alarm or Zone Alarm Pro?

    Jones, Feb 19, 2004, in forum: Computer Information
    Replies:
    5
    Views:
    588
    Phil Marshall
    Feb 20, 2004
  5. John John

    AMD Opteron: 1-way, 2-way, ... Up to 8-way.

    John John, Dec 24, 2005, in forum: Windows 64bit
    Replies:
    12
    Views:
    781
    Tony Sperling
    Dec 27, 2005
Loading...

Share This Page