This is just normal DHCP noise from one of your ISP's DHCP servers. You can safely either allow or deny it. Won't make any difference. I get this all the time here on my cable connection and some firewalls deny it (Sygate for example) and others allow it. Nothing to worry about.
If you can get it out of the logs that's great.. I find a log full of those entries annoying too. Blocking it is fine and will probably make you feel more secure anyway. If you experience any problems with your machine when it tries to renew your dhcp lease then you may have to allow it, but otherwise that should be fine.
Unnecessary connections are always BW eaters, and can contribute to program crashes (I keep getting that on NWN, a very sensitive online game). Firewalling such activity is an improvement.
I was about to shell out for a router just to do that, and stop the other port scans which continue to be a problem. Then I discovered that the new mobo I just ordered (ASUS A8N) comes with a separate firewall processor on board. :)
Hi...I have Kerio 4.1.3 PF and everything seems to be working fine. I am curious though about my logs which show a continuous (about three times per second) stream of UDP data. I haven't been able to find anything as to what this is and if anything needs to done. These are the details:
Description: Unopened Port Application: N/A Direction: In Local Point: 255.255.255.255:bootpc Remote Point: 10.117.198.1:bootpc Protocol: UDP Action: Permit
I tried opening the url 10.117.198.1 and got a "connection refused" flag. Looking up 10.117.198.1 on www.whois gives an organization located in Ca.,USA called "Internet Assigned Numbers Authority" (IANA) which apparently has a range of domains from 10.0.0.0 to 10.255.255.255 reserved "for special purposes". All of which only tells me the url is real and so is the organization sending me these UDP data to an unopened port. Is it for a legitimate purpose? If so what is it? Should I block 10.117.198.1 or the whole range of 10.0.0.0 to 10.255.255.255? Any info or pointer to a good reference site for reading would be appreciated. Regards, Nick
Duane Arnold wrote in news:OZDxe.114260$x96.58595@attbi_s72:
Thanks for the search suggestion. For some reason I kept trying variations of boot, pc, and the domain number and never thought to look at some of the data from Whois. Nick
Kerodo wrote in news: snipped-for-privacy@news.west.cox.net:
OK Thanks. As long as it has no importance I'll probably just block it if for no other reason than to eliminate the wallpaper of it's record in my logs. Nick
Based on what I've read about it, it's just a NAT router on the motherboard.
There is also the issue of exploits - if you want to fix one you will need to flash the BIOS, which is always a risk to the entire system. With a NAT box you have a long history, a replacable device that doesn't hurt your PC, and you have a known product.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.