Jump to content

Inbound Network Traffic Ip Helper Port is not open

Recommended Posts



Eset Internet Security ask me to allow or deny Inbound Network Traffic from Windows IP Helper Service, it's not IP I know,  and utorrent that I'm using is suppose to use port TCP 54xxx and not UDP port that shown there. my Utorrent doesn't use UDP .

I don't have any program that support this port.

Also my MikroTik Router Firewall doesn't have any rule for this port, means it is no exist to the wild and not open from Router Firewall perspective .

Why is this happening ? How can I detect what software or service did that ?  my first action is to block anyway, but should I figure why it is happening ? I don't want to create a rule and block cause I don't know how it will effect after.

What is the best practice to be done when those kind of alerts are showing ?


EDIT : Also I got  IP from Microsoft https://db-ip.com/

port 581856.jpg

Microsoft IP.jpg

Edited by x7007
Link to comment
Share on other sites

22 minutes ago, itman said:

Is Rodger's Communications your ISP provider?

No , I'm using Hotnet   from Israel .

This is a communication from outside in Romania I think.

I also added another picture showing that even Microsoft server want to communicate .  I don't know why.

Edited by x7007
Link to comment
Share on other sites

Ha, I've found out it's teredo .... but I didn't actually play any Xbox games yet or something, I just got the notification ..  The question is should I allow it or not ??

Type                    : client (Group Policy)
Server Name             : win10.ipv6.microsoft.com.
Client Refresh Interval : 30 seconds
Client Port             : unspecified
State                   : qualified
Client Type             : teredo client
Network                 : unmanaged
NAT                     : symmetric (port)
NAT Special Behaviour   : UPNP: No, PortPreserving: Yes
Local Mapping           :

Edited by x7007
Link to comment
Share on other sites

Appears others are observing the same new behavior: https://superuser.com/questions/1223051/service-iphlpsvc-netsvcs-creates-many-short-living-port-forwardings

If you recently updated to Creators Edition, might be related to that. Probably MS installed some new telemetry to spy on you.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...