What can be done to stop this incessant cr?p

Discussion in 'ESET Smart Security' started by silverfox55, Jul 17, 2009.

Thread Status:
Not open for further replies.
  1. silverfox55

    silverfox55 Registered Member

    Joined:
    Apr 28, 2008
    Posts:
    97
    Location:
    The Original Washington
    16/07/2009 20:45:38 Communication denied by rule 127.0.0.1:1900 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule fe80::d842:a4dc:f8a2:83e7%167772160.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule ::1.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule fe80::100:7f:fffe%150994944.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule 192.168.2.3:1900 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule 127.0.0.1:1900 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule fe80::d842:a4dc:f8a2:83e7%167772160.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule ::1.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule fe80::100:7f:fffe%150994944.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule 192.168.2.3:1900 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule 127.0.0.1:1900 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule fe80::d842:a4dc:f8a2:83e7%167772160.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule ::1.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule fe80::100:7f:fffe%150994944.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule 192.168.2.3:1900 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule 127.0.0.1:1900 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule fe80::d842:a4dc:f8a2:83e7%167772160.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule ::1.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule fe80::100:7f:fffe%150994944.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule 192.168.2.3:1900 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule 127.0.0.1:1900 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule fe80::d842:a4dc:f8a2:83e7%167772160.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule ::1.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule fe80::100:7f:fffe%150994944.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule 192.168.2.3:1900 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule 127.0.0.1:1900 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule fe80::d842:a4dc:f8a2:83e7%167772160.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule ::1.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule fe80::100:7f:fffe%150994944.:1900 ff02::c.:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule 192.168.2.3:1900 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:35 Communication denied by rule 127.0.0.1:1900 239.255.255.250:1900 UDP Block outgoing SSDP (UPNP) requests C:\Windows\System32\svchost.exe NT AUTHORITY\LOCAL SERVICE
    16/07/2009 20:45:24 Communication denied by rule 192.168.2.3:137 67.215.65.132:137 UDP Block NETBIOS Name Service requests System
    16/07/2009 20:45:03 Communication denied by rule 192.168.2.3:137 67.215.65.132:137 UDP Block NETBIOS Name Service requests System
    16/07/2009 20:44:38 No usable rule found 192.168.2.3 67.215.65.132 41
    16/07/2009 20:44:34 No usable rule found 192.168.2.3 67.215.65.132 41
    16/07/2009 20:44:30 No usable rule found 192.168.2.3 67.215.65.132 41
    16/07/2009 20:44:26 No usable rule found 192.168.2.3 67.215.65.132 41
    16/07/2009 20:44:24 Communication denied by rule 192.168.2.3:137 67.215.65.132:137 UDP Block NETBIOS Name Service requests System
    16/07/2009 20:44:03 Communication denied by rule 192.168.2.3:137 67.215.65.132:137 UDP Block NETBIOS Name Service requests System
    16/07/2009 20:43:24 Communication denied by rule 192.168.2.3:137 67.215.65.132:137 UDP Block NETBIOS Name Service requests System

    Ver3 on Vista.
    And please do not advise to upgrade to the latest Beta ver4
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    did you try changing the firewall to interactive mode?
     
  3. silverfox55

    silverfox55 Registered Member

    Joined:
    Apr 28, 2008
    Posts:
    97
    Location:
    The Original Washington
    set to automatic from the very start.
     
  4. silverfox55

    silverfox55 Registered Member

    Joined:
    Apr 28, 2008
    Posts:
    97
    Location:
    The Original Washington
    Now I get this rubbish even when in interactive mode, so what needs to be done to stop this rubbish.
    18/07/2009 07:50:13 Communication denied by rule 192.168.2.3:137 67.215.65.132:137 UDP Block NETBIOS Name Service requests System
    18/07/2009 07:49:52 No usable rule found 192.168.2.3 67.215.65.132 41
    18/07/2009 07:49:48 No usable rule found 192.168.2.3 67.215.65.132 41
    18/07/2009 07:49:44 No usable rule found 192.168.2.3 67.215.65.132 41
    18/07/2009 07:49:40 No usable rule found 192.168.2.3 67.215.65.132 41
    18/07/2009 07:49:36 No usable rule found 192.168.2.3 67.215.65.132 41
    18/07/2009 07:49:34 Communication denied by rule 192.168.2.3:137 67.215.65.132:137 UDP Block NETBIOS Name Service requests System
    18/07/2009 07:49:32 No usable rule found 192.168.2.3 67.215.65.132 41
    18/07/2009 07:49:28 No usable rule found 192.168.2.3 67.215.65.132 41
    18/07/2009 07:49:24 No usable rule found 192.168.2.3 67.215.65.132 41
    18/07/2009 07:49:13 Communication denied by rule 192.168.2.3:137 67.215.65.132:137 UDP Block NETBIOS Name Service requests System
    18/07/2009 07:48:34 Communication denied by rule 192.168.2.3:137 67.215.65.132:137 UDP Block NETBIOS Name Service requests System
    18/07/2009 07:48:13 Communication denied by rule 192.168.2.3:137 67.215.65.132:137 UDP Block NETBIOS Name Service requests System
    18/07/2009 07:47:34 Communication denied by rule 192.168.2.3:137 67.215.65.132:137 UDP Block NETBIOS Name Service requests System
     
  5. stratoc

    stratoc Guest

    have you enabled log all blocked connections which i believe is off by default?
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    What devices do the IP addresses 67.215.65.132 and 67.215.65.132 belong to?
     
  7. stratoc

    stratoc Guest

    that's why i asked, firewalls will block unneeded connections that's there job. most people can block all igmp with no issues for example.
    what's actually not working? if everything is fine turn off logging.
     
  8. pinjoa

    pinjoa Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    74
    Location:
    Braga, Portugal
    this IP address belongs to OpenDNS network...
     
  9. pinjoa

    pinjoa Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    74
    Location:
    Braga, Portugal
    you have a rule to block netbios traffic on UDP ports
     
  10. ASpace

    ASpace Guest

    @silverfox55

    What about going to Control Panel > Administrative tools > Services
    and disable these two services :
    "UPnP Device host" and "SSDP Discovery service"

    As for "No usable rule found" , you can disable the Log all blocked connections option from the IDS setup of ESS
     
Thread Status:
Not open for further replies.