# Zonealarm - www.routerlogin.com blocked



## Raeral (Apr 16, 2006)

Hi

My computer was recently cleaned by the tech support forum team here very succesfully. I am more than happy. As part of the clean-up process I was advised to install additional software, including Zonealarm. This I did.

When I first installed Zonealarm, it completely blocked access to the internet until I had configured my home network in the trusted zone as follows:
Zone: Trusted
IP Address: 192.168.0.1
IP Address: 192.168.0.255
Description: Home Network
following which internet access was restored.
In the meantime, I have allowed various programs access to the internet on the basis that none of them as far as I can see are malcicous.

I have run this setup for a couple of days and have just examined the logs. There are 8 entries similar to the following. All of them point to www.routerlogin.com. I have copied below three different ones where difference is based on the source IP address.
Description Packet sent from 192.168.0.4 (UDP Port 1025) to 192.168.0.1 (DNS) was blocked
Rating Medium
Date / Time 2006/04/21 04:02:12+1:00 GMT
Type Firewall
Protocol UDP
Program 
Source IP 192.168.0.4:1025
Destination IP 192.168.0.1:53
Direction Outgoing
Action Taken Blocked
Count 3
Source DNS Z3691013G
Destination DNS www.routerlogin.com

Description Packet sent from 192.168.0.4 (UDP Port 1029) to 192.168.0.1 (DNS) was blocked
Rating Medium
Date / Time 2006/04/21 04:03:36+1:00 GMT
Type Firewall
Protocol UDP
Program 
Source IP 192.168.0.4:1029
Destination IP 192.168.0.1:53
Direction Outgoing
Action Taken Blocked
Count 1
Source DNS Z3691013G
Destination DNS www.routerlogin.com

Description Packet sent from 192.168.0.4 (UDP Port 123) to 192.168.0.1 (UDP Port 123) was blocked
Rating Medium
Date / Time 2006/04/21 04:18:52+1:00 GMT
Type Firewall
Protocol UDP
Program 
Source IP 192.168.0.4:123
Destination IP 192.168.0.1:123
Direction Outgoing
Action Taken Blocked
Count 1
Source DNS Z3691013G
Destination DNS www.routerlogin.com


Is this dodgy activity? What is www.routerlogin.com?

Ps I should probably point out that I have a Netgear Wireless ADSL Firewall Router DG834G providing access to the internet on my home network. The router firewall is active and is configured as allow always outbound; Block always inbound.


----------



## chillermiller (Dec 19, 2007)

www.routerlogin.com is a website made by Netgear to configure your wireless router. The default Username for the website is: admin; and the password is: admin. The website is used to allow or block websites, change your security password, etc. Also the websites you were trying to visit should go to www.routerlogin.com because it hasto go through your firewall router before you can view the webpage.


----------



## johnwill (Sep 26, 2002)

Truthfully, all you have to do for your netgear is go to 192.168.1.1, there's no reason to screw around with that Netgear site. :smile:


----------



## chillermiller (Dec 19, 2007)

You must use www.routerlogin.com to manage your router from other computers not on the network.


----------



## Cellus (Aug 31, 2006)

This is not necessarily true if the router natively supports remote administration, which many do.


----------



## johnwill (Sep 26, 2002)

I'm not sure why remote administration enters into the mix. I never enable remote administration, I just do the configuration locally.


----------



## Cellus (Aug 31, 2006)

For Home/SOHO routers, it isn't necessary and isn't recommended due to security reasons. If you're not going to use it, you mind as well turn it off/disable it so no one else can. :wink:


----------

