Jolt 2 Denial of Service Attack?

Discussion in 'other firewalls' started by taytong888, Mar 18, 2007.

Thread Status:
Not open for further replies.
  1. taytong888

    taytong888 Registered Member

    Joined:
    Mar 26, 2006
    Posts:
    138
    Hi,

    I am behind a DI-624 router. Just installed Sygate Pro version 5.6.3408.Debug.final. After configuring the firewall, I immediately got 2 red arrows of Sygate icon in the lower right corner of the task bar. Security log of Sygates indicates that my XP Home SP2 computer is having a "Jolt2 Denial of Service attack" from 72.14.205.147 (google); "UDP packets are flooding" my connection causing "100% CPU utilization". Is this a false positive problem due to Sygate, or am I doing something wrong?

    I would much appreciate your help.

    o_O
     
  2. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,184
  3. taytong888

    taytong888 Registered Member

    Joined:
    Mar 26, 2006
    Posts:
    138
    Hi Jarmo,

    Thanks for the prompt reply and link to Sygate forum which I thought would be frozen in time! Anyhow, I read thru the threads there and as suggested, blocked NTOSKRNL.EXE as well as unchecked Intrusion Protection Service of Sygate firewall but it still showed the red arrows. So, I uninstalled Sygate Pro and installed Sygate Free 5.6_b2808. Now, Jolt 2 Denial of Service Attack is no longer shown.

    By the way, in "Advanced Application Configuration" windows or dialog boxes for the applications, should I check or uncheck "Allow ICMP traffic"?

    Thanks in advanced. I tried Kerio 2.1.5 once but didn't really understand its rules so I return to Sygate for its simplicity!

    :-*
     
  4. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,184
    I have always kept that ICMP setting on default.

    As you can see from my guide page that 5.6.2808 is not my favorite and would still use 5.5.2710 free or maybe that latest beta that you can find in red_jacks file archive.
     
Loading...
Thread Status:
Not open for further replies.