The source IPS seems to be different now, infact all of them, I wouldn’t doubt how many are RIAA and such, but I have peergaurdian disabled until I can get this sorted lol.
As for the same recurring IP I stated before, it’s no longer in the log. Here is a snipet of the log output.
Comodo Firewall Logs
Date Created: 10:40:29 03-01-2007
Log Scope: Today Date/Time :2007-01-03 10:40:25Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 70.48.34.191, Port = 60003)Protocol: UDP IncomingSource: 66.117.5.83:4679 Destination: 70.48.34.191:60003 Reason: Network Control Rule ID = 5
Date/Time :2007-01-03 10:40:25Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 70.48.34.191, Port = 31663)Protocol: TCP IncomingSource: 218.111.65.155:4519 Destination: 70.48.34.191:31663 TCP Flags: SYN Reason: Network Control Rule ID = 5
Date/Time :2007-01-03 10:40:20Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 70.48.34.191, Port = 31663)Protocol: TCP IncomingSource: 218.111.65.155:4519 Destination: 70.48.34.191:31663 TCP Flags: SYN Reason: Network Control Rule ID = 5
Date/Time :2007-01-03 10:40:20Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 70.48.34.191, Port = 31663)Protocol: TCP IncomingSource: 125.99.133.92:4227 Destination: 70.48.34.191:31663 TCP Flags: SYN Reason: Network Control Rule ID = 5
Date/Time :2007-01-03 10:40:15Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 70.48.34.191, Port = 31663)Protocol: TCP IncomingSource: 125.99.133.92:4227 Destination: 70.48.34.191:31663 TCP Flags: SYN Reason: Network Control Rule ID = 5
Date/Time :2007-01-03 10:40:10Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 70.48.34.191, Port = 31663)Protocol: TCP IncomingSource: 125.99.133.92:4227 Destination: 70.48.34.191:31663 TCP Flags: SYN Reason: Network Control Rule ID = 5
Date/Time :2007-01-03 10:40:00Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 70.48.34.191, Port = 31663)Protocol: TCP IncomingSource: 200.79.239.137:4275 Destination: 70.48.34.191:31663 TCP Flags: SYN Reason: Network Control Rule ID = 5
Skip a few recurring results and here are a few different ones …
Date/Time :2007-01-03 10:39:34Severity :MediumReporter :Network MonitorDescription:Inbound Policy Violation (Access Denied, ICMP = PROTOCOL UNREACHABLEPORT UNREACHABLE)Protocol:ICMP IncomingSource: 192.168.1.1 Destination: 192.168.2.1 Message: PROTOCOL UNREACHABLEPORT UNREACHABLE Reason: Network Control Rule ID = 5
Date/Time :2007-01-03 10:39:34Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, Protocol = IGMP)Protocol:IGMP IncomingSource: 192.168.2.1 Destination: 224.0.0.1 Reason: Network Control Rule ID = 5
Date/Time :2007-01-03 10:39:34Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 70.48.34.191, Port = 26008)Protocol: TCP IncomingSource: 87.7.39.143:32669 Destination: 70.48.34.191:26008 TCP Flags: SYN Reason: Network Control Rule ID = 5
Date/Time :2007-01-03 10:39:34Severity :MediumReporter :Network MonitorDescription: Inbound Policy Violation (Access Denied, IP = 70.48.34.191, Port = 26008)Protocol: UDP IncomingSource: 218.170.112.232:10877 Destination: 70.48.34.191:26008 Reason: Network Control Rule ID = 5
There’s too many to list, if I were to copy the entire log this thread would be massive, unless you want me to upload the log to rapidshare or something.\
Thanks again.