RandomJoe 0 Posted September 22, 2016 Share Posted September 22, 2016 In the Firewall Troubleshooting section of ESET I will always have some sort of unknown device under recently blocked communications. The IP addresses are always different. Is this normal behavior? It still occurs even though I have done a complete reinstall of Windows 10 (unrelated to this) as well as having done a factory reset on my router and changed the SSID and password (no strange devices or DNS settings were ever listed in the router admin page but I did it anyway). I attached a screenshot below. When I do a Google search for these IP addresses I get some strange results (again, they are always different, it's not the same ones that pop up this is just what shows up currently). 38.90.226.28 comes up as ESET. 31.13.66.5 is Facebook Ireland. 69.195.158.194 is Joe's Data Center in Kansas City, Missouri. No idea why I'd get something from Facebook Ireland and have never heard of Joe's Data Center. Is something strange going on or is this nothing to worry about? Also, just as I'm about to post this I looked in Firewall Troubleshooting again and now three new blocked devices show up but I'm not going to bother to list them here, something new will always show up. Link to comment Share on other sites More sharing options...
RandomJoe 0 Posted September 22, 2016 Author Share Posted September 22, 2016 I decided to post a screenshot of recently blocked devices for the past hour now. Some of them may be repeats, I know ESET shows up again (which makes sense). So maybe they aren't always completely different. When I click on details so far they've only been listed as "TCP packet not belonging to any open connection". So I'm guessing that maybe this could just be normal traffic to and from my computer, but I have no idea. Link to comment Share on other sites More sharing options...
RandomJoe 0 Posted October 26, 2016 Author Share Posted October 26, 2016 (edited) It's been a while since I've posted, but I no longer have all sorts of activity in troubleshooting. Pretty much all of this activity has stopped. Problem is, I have no clue why. The only thing that's different now is I no longer have Chrome installed. However, that doesn't really explain why Chrome would have had anything to do with all sorts of random and strange connection attempts. I guess I could re-install Chrome to see if it starts up again but I'd rather not. Does anybody have any insight on this? It's all very strange and haven't been able to find out why this might have been taking place. ESET and Malwarebytes have never found anything wrong so it's not a virus or malware. Also, even when I had Chrome installed I rarely used it, Firefox was my main browser. I know Google Updater constantly runs in the background even when you're not using Chrome however. Edited October 26, 2016 by RandomJoe Link to comment Share on other sites More sharing options...
itman 1,758 Posted October 26, 2016 Share Posted October 26, 2016 (edited) I replied on this in a past posting. Usually when you see this type of activity especially when connections are being blocked to Eset servers, it is because the person overrode the default "Check TCP Connection Status" setting in the Packet Inspection sub-section of the IDS and advanced section for Eset firewall settings. That setting should remain disabled to prevent unstateful traffic e.g. UDP from being dropped. Edited October 26, 2016 by itman Link to comment Share on other sites More sharing options...
Recommended Posts