Every week or so I see the log has blocked a few connections coming from the same address, but today I see the log contains many attempted connections. Could someone please elaborate? 1,[25/Apr/2004 11:24:18] Rule 'Packet to unopened port received': Blocked: In TCP, pD9EF014A.dip.t-dialin.net [217.239.1.74:3221]->localhost:13376, Owner: no owner 1,[25/Apr/2004 11:24:24] Rule 'Packet to unopened port received': Blocked: In TCP, pD9EF014A.dip.t-dialin.net [217.239.1.74:3221]->localhost:13376, Owner: no owner 1,[25/Apr/2004 11:25:00] Rule 'Packet to unopened port received': Blocked: In TCP, pD9EF014A.dip.t-dialin.net [217.239.1.74:3359]->localhost:13376, Owner: no owner 1,[25/Apr/2004 11:25:02] Rule 'Packet to unopened port received': Blocked: In TCP, pD9EF014A.dip.t-dialin.net [217.239.1.74:3359]->localhost:13376, Owner: no owner 1,[25/Apr/2004 11:25:08] Rule 'Packet to unopened port received': Blocked: In TCP, pD9EF014A.dip.t-dialin.net [217.239.1.74:3359]->localhost:13376, Owner: no owner 1,[25/Apr/2004 11:25:44] Rule 'Packet to unopened port received': Blocked: In TCP, pD9EF014A.dip.t-dialin.net [217.239.1.74:3490]->localhost:13376, Owner: no owner 1,[25/Apr/2004 11:25:46] Rule 'Packet to unopened port received': Blocked: In TCP, pD9EF014A.dip.t-dialin.net [217.239.1.74:3490]->localhost:13376, Owner: no owner 1,[25/Apr/2004 11:25:52] Rule 'Packet to unopened port received': Blocked: In TCP, pD9EF014A.dip.t-dialin.net [217.239.1.74:3490]->localhost:13376, Owner: no owner 1,[25/Apr/2004 11:26:30] Rule 'Packet to unopened port received': Blocked: In TCP, pD9EF014A.dip.t-dialin.net [217.239.1.74:3628]->localhost:13376, Owner: no owner 1,[25/Apr/2004 11:26:40] Rule 'Packet to unopened port received': Blocked: In TCP, pD9EF014A.dip.t-dialin.net [217.239.1.74:3628]->localhost:13376, Owner: no owner The above is just a small extract. Thanks for any help
I am not a Kerio expert by no means, but I would say your firewall is doing it's job being as how the log entries all say blocked.
You have nothing listening on the port anyway, so even if you let the packets through there is no program listening on the other side. Kerio is doing its job, and its likely the leftovers form an old connection somebody else started.