Confusing Firewall Popup

I’m new to using CFP, (from ZA) and I’m confused by some firewall popups. I’ve been getting one that says “Services.exe is trying to recieve connections from the Internet” This is on Port NBESS 139 or so it says, but what I find confusing is that it says its coming from
My understanding is that all 192.x.x.x are internal only and that isn’t in any range I"m using.
I have cable, behind a router with local ip’s 192.168.1.x. I’m also running VMware which gives me 2 ip’s and and Hamachi with 5.x.x.x.
The subnets for all the 192 addresses are, and for hamachi is…
My understanding is that this means there can’t be any 192.168.133.x on my network.

Anyway, so far I’ve answered No, since I don’t think system.exe should even be receiving, but the other thing is that its popped up more than once even though I’ve told it to remember my answer. Is there any reasoning to that?

I’m not familiar with Hamachi, but from other posters descriptions, it is part of a gaming system that uses some manner of remote access, like a VPN.

If my understanding is correct, then what you are seeing as 192.168.133.x is LAN connection thru the Hamachi VPN to someone-else’s network. Probably not a good thing to have happen.

And, yes, you are correct, in that you don’t have any 192.168.133.x on your system, with the netmasks that you’ve described.

I don’t believe its Hamachi at all thats doing it. You are correct in that it is for a VPN, but it doesn’t allow connections unless the client is running and I rarely run it. It definitly wasn’t running when the popup occurred. And its supposed to be quite secure.

Well, as a private IP address, it can’t be from the Internet, so that would imply a connection somehow. A few things to check:

First is the CFP log, to see what got recorded there. The port 139 is a Windows file share port, typically use by a remote machine to connect to a shared folder on your machine.

Second, You can see what shares are offered on your machine with a “net share” run from a command prompt (ignore anything that has a trailing $ as these are system defined admin shares, and supposed to exist)

Third is to see what ports are open on your machine at the moment. From a command prompt, run “netstat -an”. The typical PPTP VPN port is 1723 as a tcp connection. Windows remote desktop is 3389, also tcp. There are others too.

And finally, is to use Start → Run, and enter “services.msc” to see what services are present on your machine. You’re looking ofr something you don’t recognize.