Hello all, I am new to Comodo and trying to figure out how it works.
I have a weird concern about a strange source IP in my firewall log.
It shows:
windows operating system blocked UDP 169.254.1.??:???(random last digits and port) destination:169.254.1.255:5000
This is happening like every couple seconds!
That is not my internal or internet IP address… nor is it my network or any PC on my network. What’s going on here?
Those IPs are from Windows’ self-assigned range.
When Windows can’t get an IP from a DHCP server, it gives itself one and then tries to find other Windows machines to work with.
So do you have a connection problem?
Nope, don’t have any connection problem. Why does this happen? So this is normal then? If so… I guess the only problem then would be how to stop these firewall events from bloating up the whole log.
I can’t imagine this being normal though… it looks like I have thousands of these taking up the whole log. I looked in the network security policies for something that says Windows operating system but I don’t see it.
I only see system… which is also a different item in the firewall event log.
Or maybe it does have something to do with that. I noticed when trying out Norton 2009 it listed all the cable boxes in the house on the network. I just recently got refunded from ZoneAlarm after upgrading to their super resource hog and less secure extreme edition. I won’t even go into that. But maybe it’s the Windows or Comodo that doesn’t recognize the cable boxes? I’m clueless so don’t mind me. ZoneAlarm never even detected the cable boxes before.
I do notice the Windows operating system being blocked with another IP address of my pop’s PC on my home LAN. Prolly ’cause I haven’t added him as trusted yet.
But maybe these other ones are the cable boxes it doesn’t recognize?
There is something else on your network that is having IP trouble.
Just realized incoming blocks.
So something on your LAN isn’t getting a LAN IP from your router.
I have a feeling now it’s the cable boxes now, dang. Comodo knows something is there… which is more than ZoneAlarm does. But it can’t differentiate between non-PC devices maybe.
I could be wrong but that’s my guess. I have to check the log on my pop’s PC too… to see if he has the same issue.
Oh, that’s an idea… maybe restart the router? I hope I don’t have to pinpoint which cable box it is haha. But that’s a great idea, tks man.
Well, I just went into the router and saw that all the cable boxes in the house are still listed with their IP address. I thought maybe they might have gotten unrecognized, which has happened once before to me… and I have to reset the router.
I will try to reset it anyways though once the network is free and let you know what happened.
Restart the devices to make them request a fresh IP.
Restarting router shouldn’t make a diff.
Whatever it is, it was started at some time the router was off, gave itself an IP and has been lookin for a friend ever since.
Oh OK, hmm, interesting… so the router wouldn’t make a difference, it’s one of the connected devices.
Man, we have 6 boxes in the house, that’s gonna be a pain in the rear haha. Also the router lists another PC on my network (granpops) that is off at the moment. He is DHCP. Me and my pops are static. All the cable boxes are coax DHCP. Don’t know if that means anything.
If these blocks are still a steady stream, you could go around and shut down 1 thing at a time and check your firewall logs to see if the blocks stop; when they do, that’s your bad 1.
I’m under the impression that it has something to do with the Verizon FiOS router and Comodo.
Like I said, when I used the Norton firewall trial yesterday… it showed all six boxes in their “network map” and listed them as non-PC Motorola devices, which they are. I think maybe Verizon FiOS just has weird network activity that some firewalls think is nuts. lol
The solution this guy had was to disable STP on the ethernet port… so what the heck does that mean and how do I do that hehe.
Never mind, I was reading on that same forum it’s a bad idea to do that, might cause lots of problems… plus might conflict with my VOD and menu guides on the cable boxes.
So if u can just suggest to me how i can omit this specific event from being logged in the firewall…
OK, yea it looks like UPNP traffic, but the addresses it’s using are just not working for me.
So you unplugged each device one by one and it never stopped the blocks?
Does your router have an active connection window, does it show anything connected with the IP in question?
Do you have any wireless, on your network?
I don’t want to alarm you but this is an old yet informative page you should read.
I just believe it is important to solve this, rather than cover it up.
Go to Device Manager → look up the Ethernet network adapter → select it → right-click and choose Properties → go to the Advanced tab and see if STP is there to set → if so, then disable it → OK. Maybe you need to renew/restore the network connection.
STP is a protocol used between devices functioning as a packet bridge, and is used only on a LAN segment. It is not an IP protocol, and so shouldn’t be recognized by CIS, or pretty much any other firewall. It’s in the same protocol set as ARP. It’s one of those things that if you need it, and it doesn’t work, your LAN is dead.
Seeing traffic on 169.254.1.255 is unusual. If it was normal broadcast traffic, it would be using the address 169.254.255.255. And the 169.254.x.x address space is pretty much used only by Windows machines. I don’t know of a CPE router that uses it.
For a quick check of your machines: from a command prompt, type “ipconfig /all” and see which machine is configured to use the 169.254.x.x address range.
If no machine is using that address space, and you’re still seeing log entries, then it will be necessary to install a network monitor like Wireshark (www.wireshark.org) on one of your machines to capture packets to find out what is going on.
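
An added example, not part of the original thread, for the checks suggested in the last post: it tallies the link-local (169.254.x.x) senders in a firewall log and computes which netmasks would make 169.254.1.255 a subnet broadcast address. The log column layout, the sample lines and the function names are constructed assumptions; a real CIS log export may look different.

```python
import ipaddress
import re
from collections import Counter

LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")
ENDPOINT = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})")

# Constructed sample lines modelled on the entry quoted in the thread; the
# column layout is an assumption, not the real CIS export format.
SAMPLE_LOG = """\
Windows Operating System  Blocked  UDP  169.254.1.17:1031  169.254.1.255:5000
Windows Operating System  Blocked  UDP  169.254.1.17:1032  169.254.1.255:5000
Windows Operating System  Blocked  UDP  169.254.1.42:1207  169.254.1.255:5000
Windows Operating System  Blocked  UDP  192.168.1.3:137    192.168.1.255:137
"""


def parse_events(text):
    """Return (src_ip, dst_ip, dst_port) for each line with two ip:port pairs."""
    events = []
    for line in text.splitlines():
        found = ENDPOINT.findall(line)
        if len(found) < 2:
            continue  # not a connection line
        try:
            src = ipaddress.ip_address(found[0][0])
            dst = ipaddress.ip_address(found[1][0])
        except ValueError:
            continue  # octet out of range: skip the malformed line
        events.append((src, dst, int(found[1][1])))
    return events


def link_local_senders(events):
    """Count events per source address inside 169.254.0.0/16."""
    return Counter(str(src) for src, _, _ in events if src in LINK_LOCAL)


def implied_prefixes(src, dst):
    """Prefix lengths for which dst is the broadcast address of src's subnet."""
    dst = ipaddress.ip_address(dst)
    return [plen for plen in range(8, 31)
            if ipaddress.ip_network(f"{src}/{plen}", strict=False).broadcast_address == dst]


if __name__ == "__main__":
    print(link_local_senders(parse_events(SAMPLE_LOG)).most_common())
    print(implied_prefixes("169.254.1.17", "169.254.1.255"))
```

With the usual /16 mask for this range the broadcast address is 169.254.255.255, so a /23 or /24 result means the sender is using a narrower mask than a self-assigned Windows address would.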