Apologies if this is the wrong forum to post this, it's my best guess.
I've setup my ipfw firewall on Mac Snow Leopard. In checking my console logs, I continually get this message:
Stealth mode connection attempt to UDP 10.8.4.14:(port) from ip address
The ip addresses are almost always the following ones
178.47.171.97
216.131.95.20
71.146.211.156
128.194.77.181
87.221.235.25
70.109.191.180
72.23.181.106
174.103.147.143
217.149.5.169
209.59.255.39
210.242.195.50
I looked up these addresses with
http://whois.domaintools.com/Some interesting results:
178.47.171.97 Russian Federation Ojsc Uralsvyazinfor
216.131.95.20 United States South Lake Tahoe Reliablehosting.com - Network Services
(Interesting message afterwards)
Reverse IP:
1 website uses this address. (example: uktranssexual.com)
71.146.211.156 United States Sarah
128.194.77.181 United States College Station Texas A&m University
87.221.235.25 Spain Barcelona Jazztel Triple Play Services
70.109.191.180 United States South Londonderry Fairpoint Communications I
72.23.181.106 United States Meadville Armstrong Cable Service
174.103.147.143 United States Milford Road Runner Holdco Ll
217.149.5.169 Spain Filnet Serveis I Comunicacions
209.59.255.39 United States Charlotte Carolina Internet Ltd
210.242.195.50 Taiwan Taipei Nextlink Ltd
There are more but I guess it's not worth posting?
What's most interesting is 216.131.95.20. There are many repeat occurrences of this. Almost all repeat at some point in the log, but this one in particular is quite often.
What are these connection attempts and should I be concerned?
OSCP - Offensive Security Certified Professional : Failed my first attempt at the OSCP exam
