I've setup my ipfw firewall on Mac Snow Leopard. In checking my console logs, I continually get this message:
Stealth mode connection attempt to UDP 10.8.4.14:(port) from ip address
The ip addresses are almost always the following ones
I looked up these addresses with http://whois.domaintools.com/
Some interesting results:
220.127.116.11 Russian Federation Ojsc Uralsvyazinfor
18.104.22.168 United States South Lake Tahoe Reliablehosting.com - Network Services
(Interesting message afterwards)
1 website uses this address. (example: uktranssexual.com)
22.214.171.124 United States Sarah
126.96.36.199 United States College Station Texas A&m University
188.8.131.52 Spain Barcelona Jazztel Triple Play Services
184.108.40.206 United States South Londonderry Fairpoint Communications I
220.127.116.11 United States Meadville Armstrong Cable Service
18.104.22.168 United States Milford Road Runner Holdco Ll
22.214.171.124 Spain Filnet Serveis I Comunicacions
126.96.36.199 United States Charlotte Carolina Internet Ltd
188.8.131.52 Taiwan Taipei Nextlink Ltd
There are more but I guess it's not worth posting?
What's most interesting is 184.108.40.206. There are many repeat occurrences of this. Almost all repeat at some point in the log, but this one in particular is quite often.
What are these connection attempts and should I be concerned?