Jump to content

Firewall Troubleshooting frequently has unknown devices blocked


Recommended Posts

In the Firewall Troubleshooting section of ESET I will always have some sort of unknown device under recently blocked communications. The IP addresses are always different. Is this normal behavior? It still occurs even though I have done a complete reinstall of Windows 10 (unrelated to this) as well as having done a factory reset on my router and changed the SSID and password (no strange devices or DNS settings were ever listed in the router admin page but I did it anyway). I attached a screenshot below.

 

When I do a Google search for these IP addresses I get some strange results (again, they are always different, it's not the same ones that pop up this is just what shows up currently).

 

38.90.226.28 comes up as ESET.

31.13.66.5 is Facebook Ireland.

69.195.158.194 is Joe's Data Center in Kansas City, Missouri.

 

No idea why I'd get something from Facebook Ireland and have never heard of Joe's Data Center. Is something strange going on or is this nothing to worry about? Also, just as I'm about to post this I looked in Firewall Troubleshooting again and now three new blocked devices show up but I'm not going to bother to list them here, something new will always show up.

post-13821-0-64241900-1474561763_thumb.jpg

Link to comment
Share on other sites

I decided to post a screenshot of recently blocked devices for the past hour now. Some of them may be repeats, I know ESET shows up again (which makes sense). So maybe they aren't always completely different. When I click on details so far they've only been listed as "TCP packet not belonging to any open connection". So I'm guessing that maybe this could just be normal traffic to and from my computer, but I have no idea.

post-13821-0-12859800-1474585365_thumb.jpg

Link to comment
Share on other sites

  • 1 month later...

It's been a while since I've posted, but I no longer have all sorts of activity in troubleshooting. Pretty much all of this activity has stopped. Problem is, I have no clue why. The only thing that's different now is I no longer have Chrome installed. However, that doesn't really explain why Chrome would have had anything to do with all sorts of random and strange connection attempts. I guess I could re-install Chrome to see if it starts up again but I'd rather not. Does anybody have any insight on this? It's all very strange and haven't been able to find out why this might have been taking place. ESET and Malwarebytes have never found anything wrong so it's not a virus or malware. Also, even when I had Chrome installed I rarely used it, Firefox was my main browser. I know Google Updater constantly runs in the background even when you're not using Chrome however.

Edited by RandomJoe
Link to comment
Share on other sites

I replied on this in a past posting.

 

Usually when you see this type of activity especially when connections are being blocked to Eset servers, it is because the person overrode the default "Check TCP Connection Status" setting in the Packet Inspection sub-section of the IDS and advanced section for Eset firewall settings. That setting should remain disabled to prevent unstateful traffic e.g. UDP from being dropped.

Edited by itman
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...