My firewall (ZoneAlarm free edition) keeps informing me that it has blocked IP addresses, which I think might be DNS/DHCP for my LAN. One such IP address is 126.96.36.199 (TCP Port 445) and the other is 188.8.131.52 (TCP Port 3438).
I opened a command prompt and did ipconfig /all, and it appears that these IP addresses are very similar to the DHCP Server and DNS Servers, i.e. they begin with 62. The numbers after 62 are all different.
Do I allow these IP addresses in ZoneAlarm? If so, will I need to specify an IP range, and if so what's likely to be the best? I'm fairly sure it's a LAN connection because once all the computers are off and not connected to the server the messages don't seem to come up.
I just tried something else in command prompt - tracert 184.108.40.206 and it appears to be NOT a LAN connection. Am I now in danger of being hacked since I allowed tracert to access it, or am I safe? After I noticed it was at a domain called (putting it shortly) ish.de I turned the cable modem off and back on again.
They both appear to be subdomains from ISPs - the first one is German, and the second IP address is comcast.net. I might be wrong here, but should I email comcast.net? It might be pointless because the usernames appear to be completely random, unless they can track them down via their IP address.
Sorry - my mistake. The DNS servers and DHCP servers actually refer to the broadband connection, although I am supposed to have DNS and DHCP set up on the LAN. Everything works fine but I get errors in Event Viewer.
What should I do about the two IP addresses still trying to access my computer?