article.voiper.org


Win7 goes online while booting.


2011-01-09
 

Hello community,
I have the following problem. During the boot process, before the Win7 desktop appears, the DSL LED on the Fritz!Box comes on. With XP SP2 that was never the case.

With ZoneAlarm Security Suite 2010 this can be prevented if all Internet traffic is already blocked while Win7 boots (red lock in the tray).

As soon as the block is lifted, the Fritz!Box immediately goes online again without any browser being started. Wireshark, however, shows only private IPs.

I have already deactivated the “SSDP search” service.

As soon as svchost.exe is allowed through the firewall, Win7 apparently causes the Fritz!Box to open the DSL line.

Does anyone know how this can be prevented with Win7 Ultimate?

So far the DSL LED was always a reliable indication that no program was trying to go online unasked.
Well, whether an LED can deliver what you expect of it... I would not exactly call it a reliable indication. After all, it is simply the case that this operating system starts various services, if only to look for updates, to register you with the Live services or something similar. svchost is simply a file that is used by various services and runs several times at once on your computer. You will hardly be able to prevent it.

Greeting telephone male
You are right insofar as the LED no longer helps me once I am surfing. But I cannot even get onto the LAN without the Fritz!Box opening the DSL connection. I do not like that, and I can also surf from another PC that holds no important data as long as the problem is not solved.

With XP-AntiSpy I have already closed everything as far as possible.

I think the real specialists are here on the board, who can also cure Win7 of its chattiness. It worked with XP, after all.
I always deactivate the network card; then Windows 7 cannot mess around unasked.
Hello,

a) what svchost.exe does, you can read up on here,
b) could be pets: klickme
c) Windows activation
d) Windows update check

So just have a look at what is hiding behind it.
Open a console and enter
Code:
tasklist /svc
Quote from MisterX77: Wireshark, however, shows only private IPs.
If you are already using Wireshark, which ports are used with these local IPs? Is port 53 perhaps involved?
I also had NetLimiter 3b7 installed for testing, in addition to ZoneAlarm.

There it was clearly recognizable that svchost.exe wanted to open destination port 53 and a 5-digit local port. As soon as that was confirmed, the mentioned LED came on. This 5-digit port changed after each restart of Win7.

With the extensive details from the Wireshark log I currently still have my problems drawing conclusions from it.

An ARP broadcast query - Who has (IP Fritz!Box) Tell (IP PC) - always comes first, and at that the box goes online. Then about 3 other entries follow, but in my opinion the box is already online by then.
The box does not establish a connection to the Internet because of the ARP request. What are the contents of the packet that is sent to port 53?
You must use the perfect Firewall, to begin between fragments and modem (thus Fritz box). http://tinyurl.com/9gvu2
Why should an ARP request take place on the DNS port in order to assign a MAC address to an IP?

Unless the PC were acting as a proxy and doing spoofing; ergo my point b) in the list would be very apt.
I have copied the first 10 header lines out of Wireshark (I have left out the ARP queries).

3 0.000535 192.168.178.28 192.168.178.1 DNS Standard query PTR 252.0.0.224.in-addr.arpa

5 2.719060 192.168.178.28 192.168.178.1 DNS Standard query A zonelabs.com

6 2.719922 192.168.178.1 192.168.178.28 DNS Standard query response A 209.87.209.44

9 9.998667 192.168.178.28 192.168.178.1 DNS Standard query PTR 255.255.255.255.in-addr.arpa

10 12.630979 192.168.178.28 192.168.178.1 DNS Standard query A sp.cwfservice.net


The IP 209.87.209.44 belongs to ZoneAlarm (ZoneLabs.com); I have blocked it in the firewall. The entry appears in red in Wireshark.

I have also blocked the Microsoft IP range from 65.52.0.0 to 65.55.255.255 completely, as a test. Without result.
ZoneLabs is looking for updates, and “sp.cwfservice.net” is also used by ZoneLabs, but look here...
Do these Wireshark lines come from the capture at the level of the Fritz!Box, or is the PC/another network device capturing? I would assume that the DNS query for the two addresses is (also) sent to the provider's DNS server, which forces the connection to be established.


Regards,
wichard
I had already read the report. In my opinion sp.cwfservice.net is only used if the parental control is activated. The corresponding IPs did also show up at first in the Wireshark log. After the parental control was not deactivated, it no longer appeared.

What does DNS standard query A sp.cwfservice.net or DNS standard query A zonelabs.com mean? After all, only my local IPs appear under Source and Destination, so no data traffic is going outward. Why then does the Fritz!Box open the connection?

@wichard
I just see that your argument probably gives exactly the answer to my objection. What can one do about it?

So the PC does the logging, via Wireshark.
Wean the programs off the automatic update (though I do not know these programs in particular)…


Regards,
wichard
@wichard, there is nothing to add to that…
Quote from wichard: I would assume that the DNS query for the two addresses is (also) sent to the provider's DNS server, which forces the connection to be established.
Why do you think I asked specifically about port 53?

Quote from MisterX77: What does DNS standard query A sp.cwfservice.net or DNS standard query A zonelabs.com mean? After all, only my local IPs appear under Source and Destination, so no data traffic is going outward.
...
What can one do about it?
That means that the PC wants to know the IP address (A) of zonelabs.com. This query goes to the box. And where is the box supposed to get the answer from? From the external DNS server. So it establishes the Internet connection.

The only thing you can do about it is to prevent this query from the PC. If at all, there would have to be a setting in the relevant program to prevent it. Otherwise you can consider what is more important to you: the program, or that the box does not go online automatically.
Hello RalfFriedl,
thanks for the explanation, comprehensible even for a beginner.

In ZoneAlarm everything that can phone home is deactivated so far, and some of it is rerouted into nirvana.

What does port 53 do? Is it responsible only for these DNS queries to the outside?

I have blocked it in the firewall, but the box opens nevertheless. LAN and Internet connections still work, though. What would happen if I blocked it in the box, if that is possible?

I mean, these problems did not exist with XP, after all.
Port 53 is for DNS queries in general. Whether access to the outside is necessary for the answer or not depends on the specific query.

If the Internet still works, then port 53 is probably not blocked, configurations with a proxy excepted.

Just have a look at what packets are still being sent now.
From the header line - Standard query A zonelabs.com - I have copied out the query to port 53. This line was marked red by Wireshark. Probably because of (Error/Checksum).

Internet Protocol, Src: 192.168.178.28 (192.168.178.28), Dst: 192.168.178.1 (192.168.178.1)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 58
Identification: 0x0037 (55)
Flags: 0x00
0.. = Reserved bit: Not set
.0. = Don't fragment: Not set
..0 = More fragments: Not set
Fragment offset: 0
Time to live: 128
Protocol: UDP (17)
Header checksum: 0x0000 [incorrect, should be 0x550d]
[Good: False]
[Bad: True]
[Expert Info (Error/Checksum): Bad checksum]
[Message: Bad checksum]
[Severity level: Error]
[Group: Checksum]
Source: 192.168.178.28 (192.168.178.28)
Destination: 192.168.178.1 (192.168.178.1)
User Datagram Protocol, Src Port: 61899 (61899), Dst Port: domain (53)
Source port: 61899 (61899)
Destination port: domain (53)
Length: 38
Checksum: 0xe5a6 [validation disabled]
Domain Name System (query)
[Response In: 4]
Transaction ID: 0x8856
Flags: 0x0100 (Standard query)
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ...0 .... = Non-authenticated data OK: Non-authenticated data is unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 0
Queries
zonelabs.com: type A, class IN
Name: zonelabs.com
Type: A (Host address)
Class: IN (0x0001)

I hope you can make something of it.
All of that up there contains no more useful information than the line in the earlier post: “192.168.178.28 192.168.178.1 DNS standard query A zonelabs.com”.

And the answer is also the same: the computer asks the box for “zonelabs.com”; the box goes online and asks the external DNS server. The box gets the answer and passes it on to the PC.

So if you already see the DNS queries, you need not be surprised that the box goes online as soon as it receives any DNS query for an external name.
The box blocks only requests from the outside. This one, however, comes from the inside, apparently from ZoneLabs. Why ZoneAlarm permits the blocked port 53 I still have to clarify. Does Win7 cope at all if port 53 is closed for svchost.exe while surfing?

I have the Kaspersky firewall in version 7 on older PCs with XP and was very content with it. Unfortunately only the 2010 version works with 64 bit. That one was totally revamped and does what it wants, similar to Symantec's.

Otherwise ZoneAlarm Security Suite can be controlled very well. Above all it prevents Win7 from going online already during the boot process. In that state one cannot control at all what runs over the network card. Without a firewall, the DSL LED on the Fritz!Box came on even while the PC was shutting down. That was completely unacceptable.
Quote from MisterX77: The box blocks only requests from the outside. [...]
With the appropriate configuration, the box can block requests from the inside as well.
I have already read about that here on the board. The only question is whether port 53 is used for surfing.

Meanwhile I have, as a test, rerouted zonelabs.com and sp.cwfservice.net in the Windows hosts file. Since then these DNS queries no longer appear in the log. Unfortunately the box still opens, because the following now show up:

3 0.000539 192.168.178.28 192.168.178.1 DNS Standard query PTR 255.255.255.255.in-addr.arpa

7 9.999017 192.168.178.28 192.168.178.1 DNS Standard query PTR 252.0.0.224.in-addr.arpa

8 19.998710 192.168.178.28 192.168.178.1 DNS Standard query PTR 1.178.168.192.in-addr.arpa

Where do these come from now? One could still understand these queries coming if one opens a browser, but as long as one is only in the LAN that bothers me a lot.

Possibly one has to try closing the port via the Fritz!Box after all, if that makes sense.
Quote from MisterX77: [...] The only question is whether port 53 is used for surfing.
[...]
Only if you use external DNS servers on the PCs.
All addresses x.x.x.y.in-addr.arpa. with y from 224 up to and including 239 (x = 0..255) are multicast addresses. Windows uses these in order to receive certain events in the network. NetBIOS uses them in order to determine who is in the network. The FBF normally does not let these through, unless it is explicitly routed.

255.255.255.255 is a broadcast, which likewise does not go to the outside.

If you have DHCP activated so that the PC initially obtains its IP address, then DHCP traffic will also be seen.

DNS traffic is just as normal, since some programs first check for updates, licenses etc. when they start.

In general port 53 is not harmful, but arbitrary protocols can be run over it. For this reason it is good if only the NAT router makes DNS lookups and the LAN clients ask it. Unfortunately, however, most NAT routers implement only UDP DNS lookups, i.e. for very long results a fallback to TCP may no longer be possible, with the result that the host is reported as not found. This happened regularly with very long host names, e.g. of eBay. Therefore one should permit DNS lookups from the clients to the outside.

Long story short: the only “Internet-worthy” traffic initially probably consists of DNS lookups and update/license checks. If you do not start a messenger at boot, which first wants to register everywhere and exchange presence information, this can happily be blocked completely by ZoneAlarm, although ZoneAlarm itself is not completely quiet either.

--gandalf.
Hello gandalf94305,
don't take it amiss, but I only partly understood that. According to my log, port 53 is already opened with the query - DNS standard query PTR 255.255.255.255. So the box is opening already at that point, after all. I also see that from the mentioned LED. By the way, these are UDP DNS queries.

If these DNS queries are necessary, why then did the Fritz!Box stay quiet under XP as long as no browser was opened? It should surely be possible to bring about this state under Win7 as well.
The port is not opened “with a query”; the port is always open.

Have you checked that it is really exactly this query that leads to the connection being set up?
Yes, the box opens with this line. I pulled the network cable out at the switch directly after the box activated the LED. After that it is no longer reachable for the PC and no further entries appear in the Wireshark log, but the LED is on. In rare cases it also happens that the DNS query for 252.0.0.224 still appears. That may, however, be because the plug was pulled too late.

1.168.178.192 belongs to the Asia Pacific Network Information Centre. They use the entire IP range with a one in first position. The server that uses 1.168.178.192 is allegedly somewhere in China. No idea where the query comes from. But it always shows up only later, and no longer if the plug is pulled in time.

So in any case the box already opens at the line
- DNS standard query PTR 255.255.255.255.in-addr.arpa
Perhaps you have a way of finding out which program triggers this query.

Otherwise you can try to prevent this query by an entry in the hosts file.

Given that you know how to find out whom the address 1.168.178.192 belongs to, it surprises me that you do not know that the address being asked about here is 192.168.178.1.
Quote from MisterX77: Yes, the box opens with this line.
What makes you so sure of that? What do the other lines say? Do you know for certain that the DSL lamp turns on when the connection setup starts, or perhaps only once the connection is up?

Quote from MisterX77: I pulled the network cable out at the switch directly after the box activated the LED. After that it is no longer reachable for the PC and no further entries appear in the Wireshark log, but the LED is on.
Of course; the box has established the DSL connection and disconnects it again only after x minutes. That it is not reachable from the PC is also somehow logical…

Quote from MisterX77: In rare cases it also happens that the DNS query for 252.0.0.224 still appears. That may, however, be because the plug was pulled too late.
Plug out - no more data through the network card. Logical, really.

Quote from MisterX77: 1.168.178.192 belongs to the Asia Pacific Network Information Centre.
No, it belongs to your Fritz!Box. Please read it in blocks of three from back to front.


Regards,
wichard
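The two points made in the replies above (the multicast and broadcast reverse names, and reading 1.178.168.192.in-addr.arpa back to front) can be checked mechanically. This is an added example, not part of any post in the thread; the sample lines are constructed in the style of the quoted Wireshark summaries, and the function names and the rule for what counts as needing an external answer are assumptions of the example.

```python
import ipaddress
import re

# Constructed sample, modelled on the Wireshark summary lines quoted in the
# thread: frame number, time, source, destination, protocol, info.
SAMPLE_LINES = [
    "3 0.000531 192.168.178.28 192.168.178.1 DNS Standard query PTR 252.0.0.224.in-addr.arpa",
    "5 2.719060 192.168.178.28 192.168.178.1 DNS Standard query A zonelabs.com",
    "6 2.719922 192.168.178.1 192.168.178.28 DNS Standard query response A 209.87.209.44",
    "10 9.998751 192.168.178.28 192.168.178.1 DNS Standard query PTR 255.255.255.255.in-addr.arpa",
    "12 12.077979 192.168.178.28 224.0.0.252 LLMNR Standard query A dns_registration",
    "14 19.998599 192.168.178.28 192.168.178.1 DNS Standard query PTR 1.178.168.192.in-addr.arpa",
]

# Matches DNS queries only; responses, ARP and LLMNR lines are skipped.
QUERY_RE = re.compile(
    r"^\s*(?P<frame>\d+)\s+\S+\s+\S+\s+\S+\s+DNS\s+Standard query\s+"
    r"(?P<qtype>A|AAAA|PTR)\s+(?P<name>\S+)\s*$",
    re.IGNORECASE,
)


def ptr_name_to_ip(name):
    """Turn 'd.c.b.a.in-addr.arpa' into the address a.b.c.d, or None."""
    suffix = ".in-addr.arpa"
    name = name.rstrip(".").lower()
    if not name.endswith(suffix):
        return None
    labels = name[: -len(suffix)].split(".")
    if len(labels) != 4:
        return None
    try:
        # The octets are stored back to front in the reverse-lookup name.
        return ipaddress.IPv4Address(".".join(reversed(labels)))
    except ipaddress.AddressValueError:
        return None


def address_class(ip):
    """Coarse class of an IPv4 address, as far as the thread distinguishes."""
    if ip == ipaddress.IPv4Address("255.255.255.255"):
        return "broadcast"
    if ip.is_multicast:  # 224.0.0.0/4, i.e. first octet 224..239
        return "multicast"
    if ip.is_private:  # includes 192.168.0.0/16
        return "private"
    return "public"


def classify_query(line):
    """Parse one summary line; return a dict, or None if it is not a DNS query."""
    m = QUERY_RE.match(line)
    if m is None:
        return None
    qtype, name = m["qtype"].upper(), m["name"]
    query = {"frame": int(m["frame"]), "qtype": qtype, "name": name, "address": None}
    if qtype == "PTR":
        ip = ptr_name_to_ip(name)
        query["address"] = str(ip) if ip is not None else None
        query["target"] = address_class(ip) if ip is not None else "other-reverse-name"
    else:
        # Assumption: a name without a dot is local, anything else is external.
        query["target"] = "external-name" if "." in name.rstrip(".") else "single-label"
    return query


def analyse(lines):
    """Return the classified DNS queries found in a list of summary lines."""
    return [q for q in map(classify_query, lines) if q is not None]


def needs_external_answer(query):
    # Assumption of this example: only these two kinds cannot be answered
    # from knowledge that exists inside the LAN.
    return query["target"] in ("external-name", "public")


if __name__ == "__main__":
    for q in analyse(SAMPLE_LINES):
        shown = q["address"] or q["name"]
        flag = "external answer needed" if needs_external_answer(q) else "no external answer needed"
        print(f"frame {q['frame']:>3}  {q['qtype']:<4} {shown:<18} {q['target']:<13} {flag}")
```

Whether a particular router nevertheless forwards the multicast, broadcast and private reverse lookups to its upstream resolver is a property of that router, which this script does not test.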
So first of all, thank you people for your patience with me.
So that no misunderstandings arise, I have listed the sequence:

1. I start Win7.
2. Once everything has booted, the ZoneAlarm icon is already red. All network traffic (LAN and Internet) is blocked and the box remains quiet from the outset.
3. I start Wireshark and activate live logging of the network card.
4. I release network traffic via the red ZoneAlarm icon.
5. Wireshark now logs all data that runs over the network card.
6. As soon as the LED comes on, I pull the network cable immediately.
7. Before a new attempt is started with a restart of Win7, I plug the cable in and disconnect the DSL connection with Reconnect.

Since the Wireshark log could also be lagging behind, I made the attempt with pulling out the network cable. Apparently there is an error of reasoning in that, or how am I to understand that?

I have now copied all header lines from the log, without pulling the plug. I have left out the ARP lines.

3 0.000531 192.168.178.28 192.168.178.1 DNS Standard query PTR 252.0.0.224.in-addr.arpa
10 9.998751 192.168.178.28 192.168.178.1 DNS Standard query PTR 255.255.255.255.in-addr.arpa
11 11.396586 192.168.178.28 192.168.178.255 BROWSER Domain/Workgroup Announcement WORKGROUP, NT workstation, Domain Enum
12 12.077979 192.168.178.28 224.0.0.252 LLMNR Standard query A dns_registration
13 12.166186 192.168.178.28 224.0.0.252 LLMNR Standard query A dns_registration
14 19.998599 192.168.178.28 192.168.178.1 DNS Standard query PTR 1.178.168.192.in-addr.arpa
17 20.009104 192.168.178.1 192.168.178.28 DNS Standard query response PTR fritz.wlan.box

After that the data traffic stops. In each case the Fritz!Box then opened the DSL connection right at the beginning.
Do you possibly have another PC/laptop with which you can capture the traffic ON the BOX while the PC boots, and then upload the WHOLE capture here? On the box there is a (hidden) possibility of capturing everything that runs over the box (packet capture at DSL level (standard)).


Regards,
wichard
The difference between Win XP and Win 7 could be that Win XP did not make DNS lookups for the multicast and broadcast addresses, while Win 7 now does.

However, I still see nothing here to get excited about in the age of Internet flat rates.

--gandalf.
So, without really knowing it, I would claim that you have no influence on this behavior with Win7, just as probably with Vista, and that the Internet access cannot be turned off.
Depending on where Microsoft built in the “Internet detection” (which I absolutely do not know), ZoneAlarm or other desktop firewalls may not even be in a position to block it *g*, and logging programs that run on the same PC may not even see it:
Because since Win Vista the “Internet detection” is built into the operating system; already the systray icon and of course also the Network and Sharing Center tell you directly since Vista whether only a local network exists, or Internet access - this feature did not yet exist under XP.
And I do not expect that Win7/Vista simply wait to see whether the first viruses come knocking after 20-30 seconds for Internet detection; then the function would already be defeated behind a router firewall. Rather, I assume that Windows simply sends a query to the Internet - and a normal router then naturally goes online when an access to somewhere on the Internet is to take place from the local network, as is the case with you too *g*
And I would not necessarily expect that this behavior can be blocked via a desktop firewall, which for its part sits on top of the network connection.
It may possibly be fixed by a wrongly configured DNS server entry or gateway address; one would then have to enter 192.168.178.x (x = not the router IP/.1 and also not the IP of one's own PC), but then of course one first has to tinker around in order to get onto the Internet, so probably not desired either.
… or use a router with which the Internet connection can actually be brought up manually and taken down (semi-)automatically. AFAIR that was the case with some SMC models. VoIP with “I only have Internet sometimes” does not really make sense either…


Regards,
wichard
Quote from wichard: Do you possibly have another PC/laptop with which you can capture the traffic ON the BOX
With the “capture at DSL level (standard)” I get a download rate of approx. 30 byte/second when saving the file on a second PC. After over an hour I broke off at a file size of 17KB. No idea how long that would still have taken. Something is probably going wrong there.

Quote from wichard: VoIP with “I only have Internet sometimes” does not really make sense either…
I have the 3270, that is the current Fritz!Box without telephone functions, therefore I do not need a permanent Internet connection. For the telephone I still have the good old FritzX ISDN and with the 3270 am therefore independent of the telephone.

Quote from Blaria: but then of course one first has to tinker around in order to get onto the Internet, so probably not desired either.
Since no practicable solution has resulted up to now, one could for the time being take the following provisional solution:

In addition to ZoneAlarm, NetLimiter 3 beta 7 is installed. It is available in the 64-bit beta version as a free time-limited trial version. With it one can switch off the limiter function and then has a small simple firewall. With this combination one can access the LAN with the blocked ZoneAlarm setting (red lock in the tray). The Fritz!Box stays quiet during booting, during shutdown and during LAN access.

If one wants to access the Internet, one click on the red lock icon is enough and one can surf if one wants.

As soon as one leaves the Internet, the box can be closed again with one click via Reconnect.

After all, the PC consists of somewhat more than the Internet. I also tend to use the Internet predominantly with a second PC, which contains only unimportant data anyway. But a Pentium3 is always enough.

Perhaps another solution will still be found within this thread. There is sufficient specialist knowledge available. I must honestly say, beginners are not treated dismissively here, even if they ask ever so stupid questions; one rarely finds that.
Quote from MisterX77: Something is probably going wrong there.
No. At the top of the capture page it says:
Quote:
Start the capture via the corresponding Start button and save the file on the hard disk. To end the capture, press the Stop button.

Important: Do not cancel the download in the browser if you want to end the capture; press the corresponding Stop button instead.
The 17 KB recorded all traffic that occurred since the beginning of the capture.

You should make a capture again as mentioned above, but first another important note: the capture may contain user names and passwords in plain text (DSL, mail, messenger, … access data). So please do not upload it in full unchecked; if necessary “anonymize” it or hand it only to trustworthy people for investigation.


Regards,
wichard
Perhaps you simply stop the services for the home network…
You do realize that all programs installed on the PC to monitor network traffic can only do so once the operating system is far enough along and these programs/services have also been started? In other words: while booting, Windows can still do what it wants, and wanting to control that has - in my opinion - little point; what can be done only with a second PC/router is to capture the entire network traffic from PC start.

And a comparison of Win 7 with XP is badly flawed; the differences will be so serious that a comparison of the behaviors will be one of apples and pears.
Quote from gandalf94305: However, I still see nothing here to get excited about in the age of Internet flat rates.
Data theft seems meanwhile to have become a lucrative popular sport, from which not even Telekom is safe. Especially for people who are not so well versed, being offline has apparently still remained the most reliable solution.
Quote from wichard: The capture may contain user names and passwords in plain text (DSL, mail, messenger, … access data).
That is clear to me. At the moment I am still looking for a way to edit it, since it is a binary file. I'll see whether I can really anonymize it sufficiently. In which format (Wireshark or ANSI) should I possibly put it in the attachment?
Quote from sven@mainz: Windows can still do what it wants
Exactly; that is why I dislike Win7's behavior of opening the DSL connection already during the boot process, when the PC is still in an undefined state. It is even less acceptable that this behavior, obviously controlled by the operating system, also occurs during shutdown.
Microsoft, however, is responsible for the behavior of Windows.

Otherwise the PC is not endangered if it sits behind a router.
Only then any longer if that is not noticeable not from Microsoft to come should.
Quote from MisterX77: … that is why I dislike Win7's behavior of opening the DSL connection already during the boot process, when the PC is still in an undefined state. It is even less acceptable that this behavior, obviously controlled by the operating system, also occurs during shutdown.
If that does not suit you, then look for another OS. Since Vista that is simply buried very deep in the system and usually anything but insecure. The market for operating systems is simply not a monopoly, so feel free to look around.
Looking for supposed security there is unreasonable. How about if the supposed rogue on the PC simply waits to contact its lord and master until a connection is established? You will not be able to change anything about that either. Not even with the supposed security of a personal firewall. (There are already parasites that virtualize a PC with all its hardware, so that neither the OS nor L.G. can recognize the rogue sitting in front of it and controlling everything.)
If it is sooooo important to you, then bring out heavier guns and route all data traffic through an interposed firewall PC.
@Novize: Quite right! Something like that is called IPCop, or Fortinet, or, or…
Since this whole fuss in no way represents a Fritz Internet problem, I have moved it to General…