New To LookNstop Logs Question

I set the rules to enhanced rules set and i am getting all kinds of activity in the logs section

What are the logs for?

I could not understand some of the info in the faq

one line in the active log says TCP block incoming TCP
it gives an address then addtional says ports dest:6346 SRC3395

there are more then one of these lines like this with different addresses

One line says dest:netbios-ns=137 SRC


When i set the log sounds and messages it keeps going off every few seconds

Are these attacks on my ports?

Any info is greatly appreciated

Thanks

 

Hi ewebenterprises. PhantOm or someone else more knowledgeable than me will be along eventually to give you a better answer but I can get the ball rolling. No, those hits on your system are probably not someone actually trying to hack you. Look at the addresses in the Log. If they are all coming from the same address, than yes, you might have someone trying to get you. But if they are all different, which is probably the case, then they are just scanners looking for potential victims and if LnS is working properly, you are OK. Yes, you will probably get an entry in your Log and a sound every few seconds; there is THAT much activity out there these days, so you might want to turn your sound off. Good luck.

Acadia

 

Hey ewebenterprises

Log screen provides real-time indications on the packet filtered.
For instances rules that has warning Flag (Internet Filtering screen, two columns over) set will display in there, you can monitor malicious and non-malicious packet filtering. It also allows us to enhance our rule-sets, create rules and to determine whether or not it’s done properly. Also in addition to the warning attribute there is also “Message Box, & Sound” that we can use all at once or as combinations. Though I would not recommend using these additional attributes, you have full control over what rules in the rule-set uses these attributes too.