×
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
bmckenna
Former Member
Message 1 of 2

Unsolicited connections?

A recent reinstall of Security Center and VirusScan demanded that I uninstall my ZA Pro. So I relented. The McAfee install then included Personal Firewall in the installation, an item I don't believe is part of my subscription. Now, I have read the reply from Ex_Brit to one user's query concerning the issue of unsolicited connection attempts and his suggestion to ignore the items listed in the log. However, according to my ISP, the log entries reporting attempts to connect to a range of different ports on my system by my ISP are in error: the DNS makes no attempt to connect to ports. So, why does McAfee design this software this way, and in addition, why do they make it impossible (afaik) to directly access the log, such as ZA has always allowed?

My ISP has suggested that I make the domain a trusted domain and this will stop the items being reported in the log. However if something is actually attempting to connect to ports on my system - which my ISP says is not true - then I would open a vulnerablilty by making my ISP's DNS a trusted IP.

Something is not right: either the software is not reporting accurately or my ISP - which has provided me with excellent service for many years - is in mistaken about the behavior of their system.

I'd appreciate any real explanation for this. Sugggesting I ignore it does not provide the security that is implicit in the use of software of this sort.

Best wishes,

Barry

1 Reply
SeanMc98
Contributor III
Message 2 of 2

Re: Unsolicited connections?

Same problem here.  My "inbound events" log exhibits multiple unsolicited connection attempts to UDP ports in the > 50000 range, mostly 58000 - 60000.  (Refer to attachment "Unsolicited_UDP_Exhibit_1").  These UDP ports are (supposedly) in the reserved range.  The soliciting (originating) IP-address of all these attempts is one of the two (2) IP addresses found in the network connection as the "DNS Servers".  (Refer to attachment "Unsolicited_UDP_Exhibit_2").

I have NOT trusted these IP-addresses.  I did (at one time) "ban" them, with less-than-pleasant results (network access went haywire).  This "ban" suggests that these unsolicited contacts are indeed actually occuring.  The ISP confirmed that the addresses are the regional operations center (the network hub).

Unfortunately, the information in the attached exhibits is all that I have.  Any ideas ?

How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community