[JHY-IC]

I use Zonealarm Professional v7.x.x and I have been noticing the little green and yellow bars that appear in the system tray with the addition of a new "blinking" little red icon.

Here are a few lines from the Zonealarm "Firewall" log:

Packet sent from 192.168.2.1 (TCP Port 3086) to 192.168.2.2 (TCP Port 2869) was blocked
Packet sent from 192.168.2.1 (TCP Port 3085) to 192.168.2.2 (TCP Port 2869) was blocked
Packet sent from 192.168.2.1 (TCP Port 3084) to 192.168.2.2 (TCP Port 2869) was blocked
Packet sent from 192.168.2.1 (TCP Port 3083) to 192.168.2.2 (TCP Port 2869) was blocked
Packet sent from 192.168.2.1 (TCP Port 3079) to 192.168.2.2 (TCP Port 2869) was blocked

I'm using a Belkin wireless router and this is what appears under the security log [note: this has been going on since yesterday]:

Mon Nov 12 10:16:18 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:16:18 2007 1 Blocked by DoS protection 68.87.68.163
Mon Nov 12 10:16:19 2007 1 Blocked by DoS protection 68.87.74.165
Mon Nov 12 10:16:19 2007 1 Blocked by DoS protection 68.87.68.165
Mon Nov 12 10:16:20 2007 1 Blocked by DoS protection 68.87.74.164
Mon Nov 12 10:16:23 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:16:31 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:16:36 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:16:39 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:16:44 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:16:46 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:16:47 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:16:50 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:16:59 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:16:59 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:02 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:07 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:11 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:17 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:32 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:32 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:34 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:38 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:38 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:40 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:41 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:44 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:45 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:45 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:46 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:47 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:17:50 2007 1 Blocked by DoS protection 73.238.234.1

Here are a few more recent with a new IP:

Mon Nov 12 10:35:46 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:35:48 2007 1 Blocked by DoS protection 68.87.74.165
Mon Nov 12 10:35:48 2007 1 Blocked by DoS protection 68.87.68.164
Mon Nov 12 10:35:48 2007 1 Blocked by DoS protection 68.87.74.165
Mon Nov 12 10:35:48 2007 1 Blocked by DoS protection 68.87.74.165
Mon Nov 12 10:35:48 2007 1 Blocked by DoS protection 68.87.74.165
Mon Nov 12 10:35:48 2007 1 Blocked by DoS protection 68.87.74.165
Mon Nov 12 10:35:49 2007 1 Blocked by DoS protection 68.87.68.164
Mon Nov 12 10:35:53 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:35:53 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:35:53 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:35:54 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 10:35:54 2007 1 Blocked by DoS protection 73.238.234.1

Mon Nov 12 11:55:15 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:17 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:20 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:21 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:29 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:38 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:39 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:44 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:45 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:47 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:50 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:50 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:52 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:54 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:56 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:55:58 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:05 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:14 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:17 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:17 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:22 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:24 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:32 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:35 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:35 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:37 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:37 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:38 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:39 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:45 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:46 2007 1 Blocked by DoS protection 73.238.234.1
Mon Nov 12 11:56:46 2007 1 Blocked by DoS protection 73.238.234.1

I have not noticed any decrease in internet performance. I am concerned that this could be an attack. Is there anyway to further investigate this?

Any help would be much appreciated.

Joseph

[SouthernMail]

I'm no expert but it looks like someone is trying to swamp (probe) your router. DoS stands for Denial of Service. I think your ZoneAlarm software is protecting you but you might want to get help from ZoneAlarm itself. They probably have a FAQ section for events such as this.

[lunarlander]

You can try switching off your modem for a few minutes and turning it back on again, hopefully you will get a different ip address so you wont be targeted no more.