fe80::: WTF?

Discussion in 'ESET Smart Security' started by NODPortable, Oct 14, 2009.

Thread Status:
Not open for further replies.
  1. NODPortable

    NODPortable Registered Member

    Joined:
    Mar 22, 2008
    Posts:
    9
    Hi,

    When I boot up my computer I keep getting an inbound request on some weird address format.

    fe80:::d5fc:79a:d2ff:a1dc

    Its coming in port 5535 (llmnar or something)

    It claims to be the windows host process (on Win 7 x64).

    Any idea what the **** it is? So far I've been temporarily blocking it...
    I tried an IP lookup but got nothing.
     
  2. NODPortable

    NODPortable Registered Member

    Joined:
    Mar 22, 2008
    Posts:
    9
    Hmmm, not certain but I think its related to the virtual machine that I have. When I delay the boot up of it, the request actually comes when it starts, not my host PC.

    Still no idea if its a valid request coming from the virtual pc to my host, or some spam/hack coming from a remote computer to the OS installation on the virtual pc....
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,411
    Since you're using Windows 7, make sure to enable pre-release updates in the update setup so that the firewall module 1053 with Windows 7 support is downloaded. It adds an option for multicast address resolution (LLMNR) on port 5355 (you probably made a typo).
     
  4. NODPortable

    NODPortable Registered Member

    Joined:
    Mar 22, 2008
    Posts:
    9
    Yep correct on the typo.

    I didn't see any 'pre-release updates' option. I did stumble across an 'Enable Test Mode' option though, so I took a punt and enabled that instead. Its gone ahead and download ~23mb file.

    Does that sound about right?
     
  5. pegas

    pegas Registered Member

    Joined:
    May 22, 2008
    Posts:
    2,226
    It's OK, let the update finish.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.