level13@gmail.com wrote:
> The first line of
> defense is a (wired) LevelOne router/firewall, and none of the
> aforementioned ports is forwarded to the computer

LOL, about a serious as your second line of defense.

> Can someone explain to me what's wrong here

Nothing is wrong.

> and why these ports are coming through?

- They're actually NATed.
- Some furious NAT helper is forwarding heuristically.
- Your computer is already hijacked.

> Is it just a lousy firewall within the Level One router
> (but then again, how come there were no attempts like this before), or
> maybe some hackers' workarounds, or false routing within my network...

Or maybe ZoneAlarm is just a piece of crap that twists ingoing and
outgoing traffic, localloopback vs. eth communication, ...

level13@gmail.com wrote:
> I've noticed lately that my Zone Alarm has been showing entries in its
> firewall log that shouldn't be there. Namely, it blocks attempts from
> outside IPs to connect to ports such as 1300, 3155, 1904, 4759, 3618,
> 2997, 3029, 1366, 3286, 3357, 4590... With Zone Alarm being just the

Define outside IP, give sample. Is there any other computer connected to
same router.

> "second line of defense" this seems kind of weird. The first line of
> defense is a (wired) LevelOne router/firewall, and none of the
> aforementioned ports is forwarded to the computer (I even have UPnP
> turned off).

Recheck router settings: DMZ, Port Forwarding, Port Triggering, UPnP.
Did you change the way you connect to internet. If you use connection
from your computer, then ZA is first and only line of defence, NAT and
router firewall is by-passed.

> Can someone explain to me what's wrong here and why these ports are
> coming through? Is it just a lousy firewall within the Level One router
> (but then again, how come there were no attempts like this before), or
> maybe some hackers' workarounds, or false routing within my network...
>

ZA is not good choice in LAN. Sometime it just misconfigures. I use it
too (Application and outbound communication control). Check is your LAN
still in trusted zone in ZA, recheck all. Sometime ZA is almost
impossible to be configured in LAN, specially if ICS is used.

If NAT is properly configured, and there is no forwarded ports or
systems in DMZ, there should be no outside IPs. If there are, contact
techincal support.

wrote in message
news:1145342166.891115.280850@u72g2000cwu.googlegr oups.com...
> I've noticed lately that my Zone Alarm has been showing entries in
its
> firewall log that shouldn't be there. Namely, it blocks attempts
from
> outside IPs to connect to ports such as 1300, 3155, 1904, 4759,
3618,
> 2997, 3029, 1366, 3286, 3357, 4590... With Zone Alarm being just the
> "second line of defense" this seems kind of weird. The first line of
> defense is a (wired) LevelOne router/firewall, and none of the
> aforementioned ports is forwarded to the computer (I even have UPnP
> turned off).
> Can someone explain to me what's wrong here and why these ports are
> coming through? Is it just a lousy firewall within the Level One
router
> (but then again, how come there were no attempts like this before),
or
> maybe some hackers' workarounds, or false routing within my
network...

You can run a test at Shield's Up on your router to see if any ports
are open.
charlie R

>

charlie R wrote:

> You can run a test at Shield's Up on your router to see if any ports
> are open.

Or what about a serious and reliable online portscan?