Help With Log Entry

I Have ESS 4.0.467. Today, I started seeing entries in the firewall log stating, "Packet blocked by active defense (IDS)." It seems to be outgoing from my machine to the following IP addresses: 213.155.18.56 & 213.155.20.32.According to WHOIS lookups, the first address resolves to a network in Odessa in the Ukraine while the second resolves to a network in Namibia.

It seems as though I have something on my computer trying to "phone home." BTW... these log entries happened within just a few minutes of each other, several times each. Also, they each came from my local port 63581.

Is there anyway I can track down what on my machine is doing this? Nothing in the log gives any indication.

Any help is greatlt appreciated.

Rick

 

Hello,

Which version of Microsoft Windows are you running?

Regards,

Aryeh Goretsky

 

Sorry, I'm running Vista SP2.

Rick

 

Hello,

If you open an elevated Command Prompt (filename: CMD.EXE) under Microsoft Windows Vista SP2 and issue a "netstat -b" command, you should see a list of programs and the IP addresses bound to them.

Regards,

Aryeh Goretsky