What's with all this. Seems fishy?

stevemike2121 · stevemike2121 #1 (**permalink**)

02-07-2009, 04:17 AM

Feb 7 04:04:09 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57636 from 72.246.25.138:80
Feb 7 04:04:09 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57640 from 72.246.25.138:80
Feb 7 04:04:10 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57639 from 72.246.25.138:80
Feb 7 04:04:31 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57637 from 72.246.25.138:80
Feb 7 04:04:31 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57638 from 72.246.25.138:80
Feb 7 04:04:32 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57636 from 72.246.25.138:80
Feb 7 04:04:32 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57640 from 72.246.25.138:80
Feb 7 04:04:32 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57639 from 72.246.25.138:80
Feb 7 04:05:15 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57637 from 72.246.25.138:80
Feb 7 04:05:15 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57638 from 72.246.25.138:80
Feb 7 04:05:15 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57636 from 72.246.25.138:80
Feb 7 04:05:16 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57640 from 72.246.25.138:80
Feb 7 04:05:16 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57639 from 72.246.25.138:80

I have taken very few precautions, but all my firewall and sharing settings seem alright. Any clues?

louishen · louishen #2 (**permalink**)

02-07-2009, 05:30 AM

Is something on your machine trying to send info out?

If so then a program called little snitch will tell you which apps are attempting to do this

stevemike2121 · stevemike2121 #3 (**permalink**)

02-07-2009, 07:07 AM

I downloaded little snitch but it seems the groups of attempts don't seem to be registering. They come about 10 at a time. I've shuffled all my passwords, but the IP's are rolling about every half hour.

Feb 6 06:49:28 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:49269 from 66.135.200.13:80
Feb 6 06:49:28 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:49271 from 66.135.200.13:80
Feb 6 06:49:28 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:49270 from 66.135.220.11:80
Feb 6 06:49:40 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:49264 from 66.135.200.13:80
Feb 6 06:49:40 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:49266 from 66.135.200.11:80
Feb 6 06:49:40 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:49267 from 66.135.200.13:80
Feb 6 06:49:40 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:49268 from 66.135.220.11:80
Feb 6 06:49:40 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:49269 from 66.135.200.13:80
Feb 6 06:49:40 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:49271 from 66.135.200.13:80
Feb 6 06:49:40 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:49270 from 66.135.220.11:80
Feb 6 07:00:00 localhost newsyslog[142]: logfile turned over due to size>100K

louishen · louishen #4 (**permalink**)

02-07-2009, 07:14 AM

AS long as your firewall is on and any unwanted ports are off (like ftp and windows filesharing) you are safe

It looks like someone is just blanket sniffing any machines out there with a range of IP addresses, you Mac is safe from any attempts, but I would edit your post on here to obscure your own IP address

stevemike2121 · stevemike2121 #5 (**permalink**)

02-07-2009, 07:21 AM

Thanks. It makes since. I'm working in NC near a Google headquarters. A lot of this has been going on around here.

stevemike2121 #1 (permalink)
Member Since: Feb 03, 2009 Posts: 11	02-07-2009, 04:17 AM Feb 7 04:04:09 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57636 from 72.246.25.138:80 Feb 7 04:04:09 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57640 from 72.246.25.138:80 Feb 7 04:04:10 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57639 from 72.246.25.138:80 Feb 7 04:04:31 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57637 from 72.246.25.138:80 Feb 7 04:04:31 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57638 from 72.246.25.138:80 Feb 7 04:04:32 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57636 from 72.246.25.138:80 Feb 7 04:04:32 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57640 from 72.246.25.138:80 Feb 7 04:04:32 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57639 from 72.246.25.138:80 Feb 7 04:05:15 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57637 from 72.246.25.138:80 Feb 7 04:05:15 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57638 from 72.246.25.138:80 Feb 7 04:05:15 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57636 from 72.246.25.138:80 Feb 7 04:05:16 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57640 from 72.246.25.138:80 Feb 7 04:05:16 localhost Firewall[39]: Stealth Mode connection attempt to TCP 111.168.2.000:57639 from 72.246.25.138:80 I have taken very few precautions, but all my firewall and sharing settings seem alright. Any clues? Last edited by stevemike2121; 02-07-2009 at 07:20 AM.
	QUOTE Thanks

louishen #2 (permalink)
Member Since: Oct 22, 2007 Location: London Posts: 8,682 Mac Specs: Mac Mini Core i7 2012 \| White 2009 MacBook 2 Ghz \| 733 Mhz G4 Quicksilver	02-07-2009, 05:30 AM Is something on your machine trying to send info out? If so then a program called little snitch will tell you which apps are attempting to do this Member of the Month September 2008 & August 2012 \| Found advice useful? – use the rep system
	QUOTE Thanks

louishen #4 (permalink)
Member Since: Oct 22, 2007 Location: London Posts: 8,682 Mac Specs: Mac Mini Core i7 2012 \| White 2009 MacBook 2 Ghz \| 733 Mhz G4 Quicksilver	02-07-2009, 07:14 AM AS long as your firewall is on and any unwanted ports are off (like ftp and windows filesharing) you are safe It looks like someone is just blanket sniffing any machines out there with a range of IP addresses, you Mac is safe from any attempts, but I would edit your post on here to obscure your own IP address Member of the Month September 2008 & August 2012 \| Found advice useful? – use the rep system
	QUOTE Thanks

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
here fishy...	michaelmjc	Images, Graphic Design, and Digital Photography	11	02-03-2006 12:33 AM
Is this fishy?	rs2sensen	Schweb's Lounge	15	11-21-2005 03:43 PM

What's with all this. Seems fishy?

Internet Services

Web Development

Digital Marketing

Consumer Tech

stevemike2121 #5 (permalink)
Member Since: Feb 03, 2009 Posts: 11	02-07-2009, 07:21 AM Thanks. It makes since. I'm working in NC near a Google headquarters. A lot of this has been going on around here.
	QUOTE Thanks

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)