ZoneAlarm and NAT Router: How long to timeout?



  • 1. FR114P detect the printer but doesn't print
    I try to print on a HP Laserjet 1005 (Win2000). The configuration seems to be ok, the spooler handle the print job without error message, and no print. What could it be ? Thanks in advance for your help. Pierre
  • 2. Upgrade Norton Internet Security 2003 to 2004?
    Hi, I have OEM version of NIS'03 installed on Win'98 computer. It's been a year already and I need either upgrade it to 2004 or simply get another year of updates for the same. Which way should I go? Is there anything in 2004 that makes it significantly better than 2003? I'm not planning to switch to a different vendor (even if it's free) at the present time. TIA
  • 3. Norton Internet Security - automatically add contacts
    Does anyone know of a utility that will automatically add all my address book contacts into the Not Spam setting? Its really annoying having to trawl through all the messages flagged as Spam Alert for one that might just be from someone I know! -- "If everyone followed my method of deleting all but the snippet of an earlier message they were replying to then these newsgroups would be a hell of a lot easier to read"

ZoneAlarm and NAT Router: How long to timeout?

Postby Brian Smither » Sun, 21 Sep 2003 12:24:59 GMT

In looking at ZoneAlarm's log files, I see where it has blocked incoming 
packets destined for my newsreader. Now, I don't recall if my newsreader 
was up and running at the time the packet was blocked, but it raises a 
couple of questions.

1) Usually, a NAT router will not transfer an incoming packet to a 
destination machine unless the destination machine (client) has initiated 
some sort of contact. (Or if port forwarding is turned on, which it is 
not.) Thus, an internally generated packet to an NNTP server:port119 will 
create a table entry in the NAT router and returning packets are routed 
accordingly. How long will this table entry exist?

2) Likewise with ZoneAlarm: How long will ZoneAlarm continue to *not* block 
packets expected by an application when that application has been 
terminated? For example, I fired up Aqualime (a LimeWire P2P clone) for 
about 5 minutes. Then I shut it down. About 15 minutes later, PeerGuardian 
is reporting that connections were denied from a known undesirable source. 
The second part to this question is: does PeerGuardian intercept the 
connection first or does ZoneAlarm?


Brian Smither

Remove INVALID from e-mail address.

Return to firewall


Who is online

Users browsing this forum: No registered users and 45 guest