Jump to content

Why would my system want to connect to this IP

Ash_s

By Ash_s
in Networks and the Internet

 Share

Recommended Posts

Ash_s

Ash_s

Posted
Posted

Hi people, this is my first post and it's a problem that needs your help. I use NetLimiter to control my internet traffic. today NL gave a message that my system wants to connect to this Ip address 63.246.129.160 through the port 2574 and using udp protocol, so I was suspicious about this and wanted to know why would my system want to connect to a computer in Miami, Florida? here is the picure of NL message

nlsys8iy.png

also i would like to know if such things happen with you guys.


CptMurphy

CptMurphy

Posted
Posted (edited)

Here's what I get from the whois database:

United Colocation Group, Inc. ASN-UNCGI-EXC-02 (NET-63-246-128-0-1) 
								  63.246.128.0 - 63.246.159.255
Guido Mora SAGO-63-246-129-160 (NET-63-246-129-160-1) 
								  63.246.129.160 - 63.246.129.169

Every once in a while my firewall says that my pc wants to connect to an ip but it's usually microsoft or from some program that I know about.

Here's some info about port 2574 UDP from the auditmypc.com site:

Port Number: 2574

TCP / UDP: UDP

Delivery: No

Protocol / Name: blockade-bpsp

Port Description: Blockade BPSP

Virus / Trojan: No

Side note: UDP port 2574 uses the Datagram Protocol, a communications protocol for the Internet network layer, transport layer, and session layer. This protocol when used over PORT 2574 makes possible the transmission of a datagram message from one computer to an application running in another computer. Like TCP (Transmission Control Protocol), UDP is used with IP (the Internet Protocol) but unlike TCP on Port 2574, UDP Port 2574 is connectionless and does not guarantee reliable communication; it's up to the application that received the message on Port 2574 to process any errors and verify correct delivery.

Edited by m3n70r
rendrag

rendrag

Posted
Posted

do you have any programs running that would want to connect to that IP? Does that program tell you where that connection request originated?

LLXX

LLXX

Posted
Posted (edited)

Run netstat to get a list of connections and their associated processes.

Trojans and keyloggers are known for this type of behavior.

Edited by LLXX
RogueSpear

RogueSpear

Posted
Posted

I'm not familiar with NetLimiter, so I'm wondering if it's possible for that program to tell you what process is trying to make this connection - even if it's just in a log file somewhere. If it does, you could narrow things down quite a bit.

Ash_s

Ash_s

Posted
  • Author
Posted

I appreciate all your replies you guys, but now I have this fantastic software that detects every bit of information enters my PC or leaves it, The name of the program is SoftPerfect Network Protocol Analyzer. and there is another one designed just for HTTP protocol and has the name HTTP Analyzer.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...