Welcome to the Comodo Forum
Welcome,
Guest
. Please
login
or
register
.
March 20, 2010, 12:31:17 AM
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
373113
Posts
41388
Topics
94068
Members
Latest Member:
mach8
more news...
Search:
Advanced search
|
Tag Cloud
Welcome to the Comodo Forum
Archived Boards
Discontinued Products
Comodo Firewall
Help for v3
Windows Operating System / System Idle Process in Logs [Merged Threads]
« previous
next »
Pages:
1
...
16
17
[
18
]
19
Author
Topic: Windows Operating System / System Idle Process in Logs [Merged Threads] (Read 33393 times)
forcesorcery
Comodo Member
Offline
Posts: 32
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #255 on:
May 02, 2008, 06:29:58 AM »
Hello Sirs,
I'm an ADSL user without router, and I'm using XP SP2.
Sometimes, almost occurs after connected on internet
The "Windows Operating System" want to send ICMP out to my DNS server (168.95.1.1 & 168.95.192.1)
The ICMP is "Type(3) Code(3)"...I dont know what Type(3) Code(3) means.
Should I allow it? Is it normal or malicious?
Thanks very much in advance, best Regards. (S)
Logged
Comofo
Guest
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #256 on:
May 02, 2008, 07:14:45 AM »
Type Name
---- -------------------------
0 Echo Reply
1 Unassigned
2 Unassigned
3 Destination Unreachable
4 Source Quench
5 Redirect
6 Alternate Host Address
7 Unassigned
8 Echo
9 Router Advertisement
10 Router Solicitation
11 Time Exceeded
12 Parameter Problem
13 Timestamp
14 Timestamp Reply
15 Information Request
Codes
0 Net Unreachable
1 Host Unreachable
2 Protocol Unreachable
3 Port Unreachable
4 Fragmentation Needed and Don't
Fragment was Set
5 Source Route Failed
6 Destination Network Unknown
7 Destination Host Unknown
8 Source Host Isolated
9 Communication with Destination
Network is Administratively Prohibited
10 Communication with Destination Host is
Administratively Prohibited
11 Destination Network Unreachable for Type
of Service
12 Destination Host Unreachable for Type of
Service
13 Communication Administratively Prohibited
14 Host Precedence Violation
15 Precedence cutoff in effect
Logged
forcesorcery
Comodo Member
Offline
Posts: 32
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #257 on:
May 02, 2008, 09:08:02 AM »
Thanks very much...
Port unreachable...?
Is it safe? or malicious...?
Should I allow this?
Logged
Comofo
Guest
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #258 on:
May 02, 2008, 07:11:04 PM »
Hard to say force,
What I think it
might
be is your DNS server slow to respond, and so when it finally does it's rejected because it's late and no longer expected - if I understand your description properly + my educated guess is correct.
Do you get a lot of these?
Do they have any noticeable affect?
Logged
forcesorcery
Comodo Member
Offline
Posts: 32
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #259 on:
May 03, 2008, 02:24:55 AM »
Thanks, Master Comofo.
No, I dont get lots of these ICMP outgoing attmpt...just sometimes.
Usually occur after just connected with internet.(ADSL user)
and...If I block it, seems nothing wrong happened.
Logged
Comofo
Guest
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #260 on:
May 03, 2008, 03:22:42 AM »
LoL...master? Not even close, I'm just trying to share my limited understanding/experience with my fellow 'modo supporters. Often I'm just researching the info myself.
Can you post a screen shot of an example of these blocks? And we'll just see if we can't sort this out...
Logged
Josh123
Guest
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #261 on:
May 03, 2008, 03:29:48 AM »
Quote from: Comofo on May 03, 2008, 03:22:42 AM
LoL...master? Not even close, I'm just trying to share my limited understanding/experience with my fellow 'modo supporters. Often I'm just researching the info myself.
Can you post a screen shot of an example of these blocks? And we'll just see if we can't sort this out...
Thank you Comofo for your contribution
Josh
Logged
forcesorcery
Comodo Member
Offline
Posts: 32
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #262 on:
May 03, 2008, 09:12:13 AM »
Thanks for helping..
These is some log of ICMP outgoing attempts...
The source IP are mine...I use ADSL so I have various IPs
Sometime the destination IP changes to 168.95.192.1 (It's my ISP DNS)
Is this normal...?
Best Reagrds
Logged
Comofo
Guest
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #263 on:
May 03, 2008, 08:12:41 PM »
So if I gather correctly,
This is all traffic within your network.
I am not very concerned (though I am rather curious) about the danger these pose (if you do in fact recognize the addresses). Like I said before, these could be just slow DNS responses - and they are few and far between.
I wish I could tell you for sure what these are exactly, but to be honest my knowledge is limited and there are other variables to consider.
Whatever these blocks are, they do not seem to pose any functionality problems - I personally would not allow these unless (a) they do and (b) the exact nature of them is revealed and (c) someone smarter than me (they're really easy to find) tells you to.
With the info you've provided me I'm still investigating and will let you know as soon as I learn more.
([at] 3xsist: I believe it all comes around
)
«
Last Edit: May 03, 2008, 08:15:32 PM by Comofo
»
Logged
forcesorcery
Comodo Member
Offline
Posts: 32
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #264 on:
May 04, 2008, 04:32:15 AM »
Thanks very much,
Maybe it's just slow of DNS response...
It's only occurs when I feel the internet is quite slow.
Hope this isn't malicious.
I used Porcess Explorer to check the system...no strange module was found.
Thanks very much again for helping.
Logged
Comofo
Guest
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #265 on:
May 04, 2008, 07:18:34 AM »
Next time it happens -
Make sure you know the ip's are yours: Run > cmd > type: ipconfig /all > Enter
These are your lan addresses, DNS, etc. - and also do a traceroute [ie; ping yahoo.com]
Here's your wan address
now check these against your blocks.
If they're yours, no worries at all
and if they're not - well, at least you never allowed them
Lemme know how it goes.
Logged
forcesorcery
Comodo Member
Offline
Posts: 32
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #266 on:
May 04, 2008, 07:56:42 AM »
Thanks, I'm pretty sure that those IPs were mine.
It seems normal.
Thank a lot again for these helping.
Logged
Comofo
Guest
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #267 on:
May 04, 2008, 08:19:35 AM »
My pleasure,
I flipped back through this thread and there I was, learning how to disable my routers rip. Love it.
Logged
AussieSteve
Guest
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #268 on:
May 22, 2008, 07:35:07 AM »
May I Suggest A Summary Of This Thread, As I Had The Smae Problem And Read Over The Answer Due To The Length.
Logged
Vettetech
Guest
Re: Windows Operating System / System Idle Process in Logs [Merged Threads]
«
Reply #269 on:
May 22, 2008, 07:45:51 AM »
I actually told you the answer in your other thread. Make it outgoing. Make svchost,explorer.exe and system all outgoing only.
Logged
Tags:
strange connection
blocks
lots of block
system idle proccess
strange block
Pages:
1
...
16
17
[
18
]
19
« previous
next »
Jump to:
Please select a destination:
-----------------------------
General Category
-----------------------------
=> Melih's Corner - CEO Talk/Discussions/Blog
=> Comodo.TV - Our Internet Video Channel
===> Comodo.TV - News and Announcements
===> Comodo.TV - Program Lineup
===> Audience Feedback and Suggestions
=> Which Product do you want Comodo to develop next?
=> How Can I Help Comodo? (Please We Need You!)
===> Report Comodo Forum / Web Site Issues
===> Please Tell Us Your Views and Vote Here!
===> Help Spread the Word - Banners and Logos
=> General Discussion (off topic) Anything and everything...
===> Member Confessions :-)
===> Funny Photos :-)
===> Cool Stuff
-----------------------------
Desktop Security Products & Services
-----------------------------
=> Comodo Internet Security - CIS
===> News / Announcements / Feedback - CIS
=====> Wishlist - CIS
===> AV False Positive/Negative Detection Reporting
===> Help - CIS
=====> Guides - CIS
=====> AntiVirus Help - CIS
=======> AntiVirus FAQ - CIS
=====> Firewall Help - CIS
=======> Firewall FAQ - CIS
=====> Defense+ / Sandbox Help - CIS
=======> Defense+ / Sandbox FAQ - CIS
=====> Install / Setup / Configuration Help - CIS
=======> Install / Setup / Configuration FAQ - CIS
===> Bug Report - CIS
=> Comodo Backup - CB
===> News / Announcements / Feedback - CB
===> Comodo Online Backup - COB
===> Help - CB
=====> FAQ - CB
=> Comodo Time Machine - CTM
===> News / Announcements / Feedback - CTM
===> Help - CTM
=====> FAQ - CTM
===> Bug Reports - CTM
=> Comodo Dragon - CD
===> News / Announcements / Feedback - CD
=====> Wishlist - CD
===> Help - CD
=====> FAQ - CD
===> Bug Reports - CD
=> Comodo Disk Encryption - CDE
===> News / Announcements / Feedback - CDE
=====> Wishlist - CDE
===> Help - CDE
=====> FAQ - CDE
===> Bug Reports - CDE
===> Beta Corner - CDE
=> Comodo Secure Email - CSE
===> News / Announcements / Feedback - CSE
===> Help - CSE
=====> FAQ - CSE
===> Bug Reports - CSE
=> Comodo EasyVPN - CEVPN
===> News / Announcements / Feedback - CEVPN
===> Help - CEVPN
=====> FAQ - CEVPN
===> Bug reports - CEVPN
=> Comodo AntiSpam - CAS
=> Comodo TrustConnect - CTC
=> HopSurf - CHS
=> Comodo Instant Malware Analysis Online - CIMA
=> Verification Engine - CVE
-----------------------------
Desktop Utilities & Services
-----------------------------
=> Comodo System Cleaner - File/Registry/Privacy Cleaner - CSC
===> News / Announcements / Feedback - CSC
===> Help - CSC
=====> FAQ - CSC
=> Comodo Cloud Scanner - CCS
===> News / Announcements / Feedback - CCS
===> FAQ - CCS
=> Live PC Support
-----------------------------
Business / Enterprise Security Products & Services
-----------------------------
=> Digital Certificates
===> Code Signing Certificate
===> Content Verification Certificate
===> Email Certificate
===> SSL Certificate
=> PCI DSS Compliance
=> Comodo Endpoint Security Manager
=> Two Factor Authentication for Web Applications
=> Trustlogo
=> Hacker Guardian
-----------------------------
Learn about Computer Security and Interact with Security Experts
-----------------------------
=> General Security Questions and Comments
=> Virus/Malware Removal Assistance
=> Leak Testing/Attacks/Vulnerability Research
=> Digital Certificates, Encryption and Digital Signing
=> Other Security Products
-----------------------------
International Comodo Forums
-----------------------------
=> International Comodo Forums
===> 汉语语言, 漢語語言 / Chinese Simplified, Traditional
===> Česky / Czech
===> Dansk / Danish
===> Nederlands / Dutch
===> Suomi / Finnish
===> Francais / French
===> Deutsch / German
===> ελληνικά / Greek
===> Magyar / Hungarian
===> Italiano / Italian
===> Nihongo / Japanese
===> Norsk / Norwegian
===> Polski / Polish
===> Português/Portuguese
===> Română / Romanian
===> По-русски / Russian
===> Slovenský / Slovak
===> Slovenščina / Slovenian
===> Espanol / Spanish
===> Svenska / Swedish
===> Turkce / Turkish
===> Українська / Ukrainian
===> Việt / Vietnamese
-----------------------------
Other
-----------------------------
=> Forum Policy Violation Board
-----------------------------
Archived Boards
-----------------------------
=> Discontinued Products
===> Comodo Anti-Viruspyware (CAVS)
=====> Help for Comodo AntiVirus
=====> FAQ for Comodo Anti-ViruSpyware
=====> Feedback/Comments/Announcements/News about CAVS
===> Comodo BOClean Anti-Malware
=====> Announcements
=====> Comodo BOClean Anti-Malware FAQ
===> Comodo Diskshield
===> Comodo Firewall
=====> Feedback/Comments/Announcements/News
=====> Help for v3
=====> Help for v2
=====> Frequently Asked Questions (FAQ) for Comodo firewall
=====> Comodo Firewall Translations
=====> Bug Reports
===> i-Vault
===> Launch Pad (Discontinued)
===> Comodo Meet (Web Conferencing Product) (Discontinued)
===> Comodo Memory Firewall(Buffer Overflow Protection)
=====> Comodo Memory Firewall Beta Corner
=====> Help
=====> Frequently Asked Questions (Comodo Memory Firewall)
=====> Feedback/Comments/Announcements/News
===> Safesurf
===> Trusttoolbar (Discontinued)
===> Trustfax (online faxing) (discontinued)
===> Trustix Enterprise Firewall
===> User Anywhere (Remote Access product) (Discontinued)
===> UserTrust - First Independent Website Rating - Empowering our users!
===> Comodo Vulnerability Analyzer - CVA
===> ZTL
Page created in 0.15 seconds with 21 queries.
Powered by SMF 1.1.11
|
SMF © 2006, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks
Design by
7dana.com