Coolwwwsearch

Discussion in 'other firewalls' started by MICRO, Jun 21, 2004.

Thread Status:
Not open for further replies.
  1. MICRO

    MICRO Registered Member

    Joined:
    Jun 8, 2004
    Posts:
    1,020
    Every day of every week and constant throughout the days, when I click on my firewall log I see this ack packet attack on the diff. ports.
    Is this what everyone is copping or is there a way to avoid, other than pulling the net plug ?

    TIA,

    Regards.
     

    Attached Files:

    • CWS.jpg
      CWS.jpg
      File size:
      63.5 KB
      Views:
      583
  2. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    There is a lot of that out there but at least your security seems to be blocking it.
     
  3. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
  4. MICRO

    MICRO Registered Member

    Joined:
    Jun 8, 2004
    Posts:
    1,020
    G'day Blackspear,
    Yes I have been using the shredder for a year or so thanks, as bigc noted,the wall is blocking, but I was wondering if there is a way to stop the attacks.
    I am wondering if you are copping the same, if you know what I mean,
    by my first word in this reply ?

    Regards.
     
  5. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I wouldn't know how to stop the attacks because that kind of thing is on the web 24/7 and if you are connected you are vulnerable. but in your case your security is working well for you. Most everyones firewall log will look somewhat similar. but as long as it is blocking that type of malware you are ok.


    good luck

    bigc
     
  6. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    At least this let you know that you had CWS, but please go into your admin of Kerio, and disable logging of suspicious packets as it logs 99.5% garbage. Those are not attacks those are ACKnowledgments from closed connections it seems that somehow the connection is allowed, but its being closed off so its sending back ack packets to re-establish the connection.

    NO firewall should call something an attack when its not, only after Kerio took over Tiny 2x they added these attack bs reference to an attack on some packets which are not attacks. However most firewall vendors of calling something an attack when its so far from the truth it might as well be on another planet.
     
  7. MICRO

    MICRO Registered Member

    Joined:
    Jun 8, 2004
    Posts:
    1,020
    Thanks Blitzen,
    Any chance you can say which should be checked or other please ?

    Regards.
     

    Attached Files:

  8. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Un check the circled box
     

    Attached Files:

  9. MICRO

    MICRO Registered Member

    Joined:
    Jun 8, 2004
    Posts:
    1,020
    Thanks bigc,
    I understood that from Blitzen's post, but when I went to the fwall and could see the other boxes, I wanted to know if any of the rest of the boxes should be altered.
    Now I can see you just have two checked,I shall do the same.

    Just for my own interest;
    Before I unchecked the LSP box, would the constant,non stop,pounding of the fwall
    log box have been using any of the computer's resources ?
    Or are they unrelated ?

    Regards.
     
  10. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    It shouldn't use anymore than your firewall normally uses to run. ;)
     
  11. MICRO

    MICRO Registered Member

    Joined:
    Jun 8, 2004
    Posts:
    1,020
    bigc,
    After reading a reply by snowbound referring to your speed I am wondering
    if you should consider the name, Speedy Gonzales ! LOL
    Thanks very much for your help.

    Kind Regards.
     
  12. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Si Senor ;)
     
Thread Status:
Not open for further replies.