|
| |
|
|
TWbrkzzk1
Posts: 27
Joined: 9/20/2004
Status: offline
 |
ZoneAlarm - 9/27/2004 22:55:03
I just installed ZoneAlarm and I got a few questions. ZoneAlarm detected 2 programs that I have never heard of before of trying to connect to the internet. One was "RSEDNClient", and the other was "process 216". Have any of you guys heard of these programs before? Also, within the first hour of installing ZoneAlarm, it said "233 intrusions have been blocked since install 13 of those have been high-rated". Is this normal?
|
|
|
|
ou812
Posts: 1538
Joined: 1/5/2002
From: San Diego
Status: offline
|
RE: ZoneAlarm - 9/27/2004 23:16:20
rsednclient.exe is a process from Red Swoosh, Inc. It is used by web sites to allow you to download files quickly and more efficiently
http://www.liutilities.com/products/wintaskspro/processlibrary/rsednclient/
Not sure about "process 216". Any other information on it?
Your intrusion seems really high to me. Since my install, way too many months ago, I've had only 8, with 0 high-rated. Maybe others have had similar experiences to you?
-brian
| |
|
|
|
bobby
Posts: 11394
Joined: 8/15/1969
From: Seattle WA USA
Status: offline
|
RE: ZoneAlarm - 9/28/2004 0:02:28
Try not allowing "process216" access and see what happens... you can always give it back permission if you need it.
I'm used to seeing references like that in kernel messages, but never as an application that needs access to the network...
I tried Google and came up short.
Do you run anything like spybot or Adaware to trash spyware? I'd run every scan you can think of just to be sure, or until somebody can explain what that one means.
Plus, it's good to run those kind of scans weekly just to be safe... along with things like Antivirus updates and such.
As far as the intrusions, that can be misleading. It could be your ISP pinging your modem or any number of things...
I have over 10,000 blocked intrusions since I installed the last ZA update and almost 28,000 blocked access attempts.
That may sound high, but when I used Norton Firewall it was rediculously higher. I would get 3,000 of them a day. I was really paranoid until I started asking around.
(Still am, but I feel much better after the medication)
The majority of them turned out to be from Comcast (Then AT&T) reaching out to touch my broadband modem.
It's also possible that it's blocking one of those fun random-IP attacking virus monsters that float around out there unprotected... without a firewall you can catch one just for connecting.
_____________________________
If con is the opposite of pro, is Congress the opposite of progress?
| |
|
|
|
Peppergal
Posts: 2204
Joined: 9/20/2002
Status: offline
|
RE: ZoneAlarm - 9/28/2004 0:25:39
quote:
It could be your ISP pinging your modem or any number of things...
yeah, I noticed that a lot of my "intrusions" were from my ISP. LOL
I have a high number of intrusions myself. Made me really paranoid about what was going on BEFORE I installed it! LOL
_____________________________
Northeast PA / Poconos/ Lake Wallenpaupack Real Estate
wallenpaupacklakeproperty.com
Karen's Real Estate Blog
| |
|
|
|
TWbrkzzk1
Posts: 27
Joined: 9/20/2004
Status: offline
|
RE: ZoneAlarm - 9/28/2004 1:30:31
quote:
ORIGINAL: bobby
Try not allowing "process216" access and see what happens... you can always give it back permission if you need it.
I'm used to seeing references like that in kernel messages, but never as an application that needs access to the network...
I tried Google and came up short.
Do you run anything like spybot or Adaware to trash spyware? I'd run every scan you can think of just to be sure, or until somebody can explain what that one means.
Plus, it's good to run those kind of scans weekly just to be safe... along with things like Antivirus updates and such.
As far as the intrusions, that can be misleading. It could be your ISP pinging your modem or any number of things...
I have over 10,000 blocked intrusions since I installed the last ZA update and almost 28,000 blocked access attempts.
That may sound high, but when I used Norton Firewall it was rediculously higher. I would get 3,000 of them a day. I was really paranoid until I started asking around.
(Still am, but I feel much better after the medication)
The majority of them turned out to be from Comcast (Then AT&T) reaching out to touch my broadband modem.
It's also possible that it's blocking one of those fun random-IP attacking virus monsters that float around out there unprotected... without a firewall you can catch one just for connecting.
quote:
Try not allowing "process216" access and see what happens... you can always give it back permission if you need it.
I'm used to seeing references like that in kernel messages, but never as an application that needs access to the network...
I tried Google and came up short.
Do you run anything like spybot or Adaware to trash spyware?
The file name for process 216 is fftlyby.exe. It is located in C:\winnit\system32\fftlyby.exe.
The destination IP it was trying to connect to is 64.105.132.250:53
The destination DNS is lsanca54-pub-ns1.covad.net.
I do have Adaware and I ran it earlier today.
| |
|
|
|
TWbrkzzk1
Posts: 27
Joined: 9/20/2004
Status: offline
|
RE: ZoneAlarm - 9/28/2004 2:02:52
Most of the intrusion alerts are coming from covad. I have AT&T DSL btw.
| |
|
|
|
TWbrkzzk1
Posts: 27
Joined: 9/20/2004
Status: offline
|
RE: ZoneAlarm - 9/28/2004 23:29:03
Does having a firewall like ZoneAlarm reduce the speed of your internet connection? Also, I now have 3298 blocked intrusions, in which 117 have been high-rated. Most of the intrusions are coming from Covad. I have AT&T DSL, so is Covad in any way affiliated with AT&T?
| |
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts
|
|
|
Printable Version 
