firewall log
 

Any ideas what all these outgoing packets are from? All my apps seem to work fine. Open during this is: Winamp, mIRC, IE, Azureus, MSN Messenger.

Re: firewall log
 

I think you've just answered your own question

Re: firewall log
 

eh?

Re: firewall log
 

Re: firewall log
 

Nah I have rules to allow all these applications. Like I said, they all work fine (so aren't being blocked). I'm wondering what all the other traffic is. None of the ports in the log I recognise being from any of the applications I'm using.

Re: firewall log
 

What firewall are you using. If its zonealarm it should tell you exactly whats using the internet at this time

Re: firewall log
 

Has this acivity only just started? If so have you done a system scan for virus/ spyware etc?

Re: firewall log
 

just because they work doesn't mean they're not responsible for that traffic.. for example.. p2p software will be receiving packets for download (incoming rules).. but what you see above could be generated by the program to build your available file listing (outgoing rule)

just an example

Re: firewall log
 

Correct, I have logs like that when I've had flashfxp,mirc,kazaa and other things all running at once

Re: firewall log
 

lookup 62.62.236.85 ... 85.236.62.62.9nanterr1-0-ro-bas-1.9tel.net
lookup 81.134.64.62 ... host81-134-64-62.in-addr.btopenworld.com
lookup 82.65.123.214 ... lns-p19-18-82-65-123-214.adsl.proxad.net
lookup 12.249.3.205 ... 12-249-3-205.client.attbi.com
lookup 12.215.41.59 ... 12-215-41-59.client.mchsi.com
lookup 24.165.230.36 ... 36.230.165.24.cfl.rr.com

Re: firewall log
 

Yep p2p can upset your logs, is the only thing that shows in mine since I sit behind a router LOL. Its normally the software trying to re-connect to sources previously used and also trying to find new ones. Not everyone uses the standard ports since they get blocked by ISP's ;) so strange ports can show up.

Re: firewall log
 

it's worth doing a sweep of your system with an anti-trojan/spyware tool anyway.. just to be sure.. in fact i'd do that regularly regardless of any unusual activity

Re: firewall log
 

Thanks for all the replies guys. I'm using Deerfield Visnetic firewall and have had logs like this for a while now. I've just decided that I wanna know why the log is so large and try and cut down the pure size of the log!

I'm thinking it's something like s1lv3r suggested, but I've opened all the ports I believe I'm supposed to for p2p (see attached tcp ruleset).

I've done a spyware scan and its clean.

Re: firewall log
 

setup looks fine to me.. the bittorrent one is the only one that looks like it may be responsible.. i notice you've restricted it's outbound ports to the 6881-6999 range.. (which is the right thing to do).. on that basis i'd be unsurprised to see that sort of log.. especially if you can't specify specific ports within the program

edit: just noticed overnet.. same applies there /edit

Re: firewall log
 

Fair enuf. Cheers for the answers. I'd rather live with a big log than an unsecure system :D