[Dshield] Should I be concerned about this?

Mercy Mercymail at mindspring.com
Wed Jun 26 00:34:33 GMT 2002


Zone alarm picked this up, and I've never seen this before, so I'm not sure what it is.

This is what the little Zone alarm window says about it:

"The firewall has blocked routed traffic from 68.71.167.143 to 222.174.130.106 (IP Protocol 117).

Time: 6/25/02 8:24:42 PM"

And, this is what the Zone Alarm page says about it, but i'm still confused:

"ZoneAlarm blocked an incoming data packet that was addressed to port 0 on another
computer. The packet was either mistakenly or intentionally routed through your
computer. The data packet was sent from port 0 on a computer whose IP address is
68.71.167.143.

This alert generally occurs either as a result of random routing problems on the Internet or
a configuration issue on a local network. If you are in a networked environment using NAT
or ICS, make sure you are using ZoneAlarm Pro on the gateway. ZoneAlarm does not
support NAT or ICS for gateways but can be used on the other networked machines."

When I do a whois on this IP... this is what I get:

68.71.167.143 has no reverse DNS configured.



     whois -h magic 68.71.167.143

     Trying whois -h whois.arin.net 68.71.167.143

     Adelphia Cable Communications (NETBLK-ADELPHIA-CABLE-4)
        Main at Water Street 
        Coudersport, PA 16915 
        US

        Netname: ADELPHIA-CABLE-4
        Netblock: 68.64.0.0 - 68.71.255.255
        Maintainer: ADEL

        Coordinator:
           Hostmaster, Adelphia  (AH102-ARIN)  ipadmin at adelphia.net
           814.274.0638 (FAX) 814.274.8457

        Domain System inverse mapping provided by:

        NS1.ADELPHIA.NET 64.8.29.73
        NS2.ADELPHIA.NET 64.8.29.105
        NS3.ADELPHIA.NET 64.8.1.246

        ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE

        Record last updated on 10-Apr-2002.
        Database last updated on  24-Jun-2002 20:00:57 EDT.

     The ARIN Registration Services Host contains ONLY Internet
     Network Information: Networks, ASN's, and related POC's.
     Please use the whois server at rs.internic.net for DOMAIN related
     Information and whois.nic.mil for NIPRNET Information.



     Trying whois -h whois.arin.net 68.71.167.143

     Adelphia Cable Communications (NETBLK-ADELPHIA-CABLE-4)
        Main at Water Street 
        Coudersport, PA 16915 
        US

        Netname: ADELPHIA-CABLE-4
        Netblock: 68.64.0.0 - 68.71.255.255
        Maintainer: ADEL

        Coordinator:
           Hostmaster, Adelphia  (AH102-ARIN)  ipadmin at adelphia.net
           814.274.0638 (FAX) 814.274.8457

        Domain System inverse mapping provided by:

        NS1.ADELPHIA.NET 64.8.29.73
        NS2.ADELPHIA.NET 64.8.29.105
        NS3.ADELPHIA.NET 64.8.1.246

        ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE

        Record last updated on 10-Apr-2002.
        Database last updated on  24-Jun-2002 20:00:57 EDT.

     The ARIN Registration Services Host contains ONLY Internet
     Network Information: Networks, ASN's, and related POC's.
     Please use the whois server at rs.internic.net for DOMAIN related
     Information and whois.nic.mil for NIPRNET Information.



     traceroute 68.71.167.143

                                                

      3    206.117.161.1    8.015 ms   DNS error [AS226] Los Nettos origin AS



Sorry, but this is all new to me.  Please remember I'm trying to learn, and make sence of this all.

Thanks in advance,

Mercy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/list/attachments/20020625/d6525fda/attachment.htm


More information about the list mailing list