1. Home
  2. Networking Firewalls
  3. URGENT - Logs - outgoing 443 traffic

URGENT - Logs - outgoing 443 traffic

Hi, I seem to have a machine opening up gawd knows how many ports contacting some IP. A possible trojan? I don't know the ip.

1 11/16/2004 09:43:45 Firewall default policy: TCP (L to W) 192.168.0.14:1118 193.108.72.64:443 ACCESS FORWARD 2 11/16/2004 09:43:45 Firewall default policy: TCP (L to W) 192.168.0.14:1117 193.108.72.64:443 ACCESS FORWARD 3 11/16/2004 09:43:44 Firewall default policy: TCP (L to W) 192.168.0.14:1116 193.108.72.64:443 ACCESS FORWARD 4 11/16/2004 09:43:44 Firewall default policy: TCP (L to W) 192.168.0.14:1115 193.108.72.64:443 ACCESS FORWARD 5 11/16/2004 09:43:44 Firewall default policy: TCP (L to W) 192.168.0.14:1114 193.108.72.64:443 ACCESS FORWARD 6 11/16/2004 09:43:44 Firewall default policy: TCP (L to W) 192.168.0.14:1113 193.108.72.64:443 ACCESS FORWARD 7 11/16/2004 09:43:44 Firewall default policy: TCP (L to W) 192.168.0.14:1112 193.108.72.64:443 ACCESS FORWARD 8 11/16/2004 09:43:44 Firewall default policy: TCP (L to W) 192.168.0.14:1111 193.108.72.64:443 ACCESS FORWARD 9 11/16/2004 09:43:44 Firewall default policy: TCP (L to W) 192.168.0.14:1110 193.108.72.64:443 ACCESS FORWARD 10 11/16/2004 09:43:43 Firewall default policy: TCP (L to W) 192.168.0.14:1109 193.108.72.64:443 ACCESS FORWARD 11 11/16/2004 09:43:43 Firewall default policy: TCP (L to W) 192.168.0.14:1108 193.108.72.64:443 ACCESS FORWARD 12 11/16/2004 09:43:43 Firewall default policy: TCP (L to W) 192.168.0.14:1107 193.108.72.64:443 ACCESS FORWARD 13 11/16/2004 09:43:43 Firewall default policy: TCP (L to W) 192.168.0.14:1106 193.108.72.64:443 ACCESS FORWARD 14 11/16/2004 09:43:43 Firewall default policy: TCP (L to W) 192.168.0.14:1105 193.108.72.64:443 ACCESS FORWARD 15 11/16/2004 09:43:43 Firewall default policy: TCP (L to W) 192.168.0.14:1104 193.108.72.64:443 ACCESS FORWARD 16 11/16/2004 09:43:42 Firewall default policy: TCP (L to W) 192.168.0.14:1103 193.108.72.64:443 ACCESS FORWARD 17 11/16/2004 09:43:42 Firewall default policy: TCP (L to W) 192.168.0.14:1102 193.108.72.64:443 ACCESS FORWARD 18 11/16/2004 09:43:42 Firewall default policy: TCP (L to W) 192.168.0.14:1101 193.108.72.64:443 ACCESS FORWARD 19 11/16/2004 09:43:42 Firewall default policy: TCP (L to W) 192.168.0.14:1100 193.108.72.64:443 ACCESS FORWARD 20 11/16/2004 09:43:41 Firewall default policy: TCP (L to W) 192.168.0.14:1099 193.108.72.64:443 ACCESS FORWARD 21 11/16/2004 09:43:41 Firewall default policy: TCP (L to W) 192.168.0.14:1098 193.108.72.64:443 ACCESS FORWARD 22 11/16/2004 09:43:39 Firewall default policy: TCP (L to W) 192.168.0.14:1097 193.108.72.64:443 ACCESS FORWARD 23 11/16/2004 09:43:39 Firewall default policy: TCP (L to W) 192.168.0.14:1096 193.108.72.64:443 ACCESS FORWARD 24 11/16/2004 09:43:39 Firewall default policy: TCP (L to W) 192.168.0.14:1095 193.108.72.64:443 ACCESS FORWARD 25 11/16/2004 09:43:39 Firewall default policy: TCP (L to W) 192.168.0.7:1930 80.229.154.244:80 ACCESS FORWARD 26 11/16/2004 09:43:39 Firewall default policy: TCP (L to W) 192.168.0.14:1094 193.108.72.64:443 ACCESS FORWARD 27 11/16/2004 09:43:39 Firewall default policy: TCP (L to W) 192.168.0.14:1093 193.108.72.64:443 ACCESS FORWARD 28 11/16/2004 09:43:38 Firewall default policy: TCP (L to W) 192.168.0.14:1092 193.108.72.64:443 ACCESS FORWARD 29 11/16/2004 09:43:38 Firewall default policy: TCP (L to W) 192.168.0.14:1091 193.108.72.64:443 ACCESS FORWARD 30 11/16/2004 09:43:38 Firewall default policy: TCP (L to W) 192.168.0.7:1929 80.229.154.244:80 ACCESS FORWARD 31 11/16/2004 09:43:38 Firewall default policy: TCP (L to W) 192.168.0.14:1090 193.108.72.64:443 ACCESS FORWARD 32 11/16/2004 09:43:38 Firewall default policy: TCP (L to W) 192.168.0.14:1089 193.108.72.64:443 ACCESS FORWARD 33 11/16/2004 09:43:38 Firewall default policy: TCP (L to W) 192.168.0.7:1928 80.229.154.244:80 ACCESS FORWARD 34 11/16/2004 09:43:38 Firewall default policy: TCP (L to W) 192.168.0.14:1088 193.108.72.64:443 ACCESS FORWARD 35 11/16/2004 09:43:37 Firewall default policy: TCP (L to W) 192.168.0.14:1087 65.54.183.192:443 ACCESS FORWARD 36 11/16/2004 09:43:37 Firewall default policy: UDP (L to W) 192.168.0.14:1029 212.159.11.150:53 ACCESS FORWARD 37 11/16/2004 09:43:37 Firewall default policy: TCP (L to W) 192.168.0.14:1085 193.108.72.64:443 ACCESS FORWARD 38 11/16/2004 09:43:37 Firewall default policy: UDP (L to W) 192.168.0.14:1029 212.159.11.150:53 ACCESS FORWARD 39 11/16/2004 09:43:37 Firewall default policy: TCP (L to W) 192.168.0.14:1084 207.46.107.58:1863 ACCESS FORWARD 40 11/16/2004 09:43:36 Firewall default policy: TCP (L to W) 192.168.0.7:1927 80.229.154.244:80 ACCESS FORWARD 41 11/16/2004 09:43:36 Firewall default policy: TCP (L to W) 192.168.0.14:1083 66.102.11.99:80 ACCESS FORWARD 42 11/16/2004 09:43:36 Firewall default policy: TCP (L to W) 192.168.0.14:1082 207.46.104.20:1863 ACCESS FORWARD 43 11/16/2004 09:43:36 Firewall default policy: UDP (L to W) 192.168.0.14:1029 212.159.11.150:53 ACCESS FORWARD
Reply to
barney
Loading thread data ...

That's the HSBC. Where you doing Internet banking at the time?

PlusNet, are you a PlusNet customer?

Microsoft

PlusNet DNS; seems you are a PlusNet customer.

Microsoft, maybe MSN?

Google

Reply to
Nigel Wade

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.