Is this an intrusion attempt?

I’m behind a NAT router so if it is hacking it had to be requested first by Firefox.

[attachment deleted by admin]

Can you tell us a bit more about what you where doing on the web around that time ?
Maybe if you run some sort of plugin, googling around on udp 5004 shows a lot of “chat” related issues.

Is your firefox set to allow UDP traffic outgoing ?

At the time I was downloading a WMP plugin to Firefox.

The rules to Firefox I could see are the following:

[attachment deleted by admin]

Then i guess this is triggered by the plugin.

a user to connect to a media server over the Real Time Streaming Protocol (RTSP), which typically operates over TCP port 554 or UDP ports 5004 and 5005. Most communications with RTSP servers are initiated from client to server.

I would set Firefox to allow only TCP out and set UPD out to logging then you can see FF probably initiated this request.

My personal settings for FF are only HTTP(S) out and the rest alerts, but that’s my taste of rules :wink:

Crisp and clear.