×
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
townman
Former Member
Message 1 of 5
‎06-16-2014 04:29 AM

Why is a McAfee server making unsolicited connections to my PC

Whilst reviewing the security history of my All Access - Total protection firewall, I noticed that unsolicited connections from McAfee servers to my PC had been blocked

"The PC 161.69.12.13 tried to connect to TCP port 60962 on your PC without your permission".

#Microsoft Windows [Version 6.1.7601]
#16/06/2014-12:00:57.14
C:\Users\Kevin>ping -a 161.69.12.13

Pinging us.mcafee.com [161.69.12.13] with 32 bytes of data:
Reply from 161.69.12.13: bytes=32 time=178ms TTL=240

I can find no recognised use of port 60962

Why is this connection being attempted and what are the consequences of the connection being blocked?  One supposes that there must a be legitmant purpose for the appempted connection and therefore that it being blocked must be detrimental to the user experience.

Whilst the answer might be "not an issue" something is clearly not right - either the connection has a purpose and therefore should not be blocked, or it has no purpose and should not have been attempted in the irst place.

0 Kudos
Reply
4 Replies
exbrit
MVP
MVP
Message 2 of 5
‎06-16-2014 06:01 AM

Re: Why is a McAfee server making unsolicited connections to my PC

Unless a technician sees this and happens to know the answer that sort of question is best dealt with by Technical Support, they are free to contact by phone or online chat and linked under Useful Links at the top of this page.

I would imagine it's just handshaking between your machine and the update servers but that is only a guess.

0 Kudos
Reply
Hayton
Reliable Contributor
Reliable Contributor
Message 3 of 5
‎06-16-2014 06:02 AM

Re: Why is a McAfee server making unsolicited connections to my PC

Two issues here. One, why is a McAfee server trying to connect to your PC; and two, why is it using this high port number (and what is the significance of that particular port)?

The port number is fairly easy to deal with so I'll do that first. Port 60962 is a randomly-selected high port number in the range of ports which are classed as 'dynamic' or 'ephemeral'. The port number by itself has no significance.

http://68.67.73.20/port.php?port=60962&print=friendly  (Speedguide.net)

https://en.wikipedia.org/wiki/Ephemeral_port

An ephemeral port is a short-lived transport protocol port for Internet Protocol (IP) communications allocated automatically from a predefined range by the IP software. It is used by the Transmission Control Protocol (TCP), User Datagram Protocol (UDP), or the Stream Control Transmission Protocol (SCTP) as the port assignment for the client end of a client–server communication to a well known port on a server.

As to why that connection was attempted, I cannot say. Your PC is in constant touch with McAfee servers (and vice-versa) while it's switched on, and that IP address you mention (161.69.12.13) maps to the domain name "us.mcafee.com" : a server in Santa Clara, California. Since I installed tcpview (from Microsoft Sysinternals) I have had fun watching the myriad connections that take place during the startup process, and connections to "us.mcafee.com" are set up and closed repeatedly. This is normal ... but I can only guess as to what each connection is doing. Checking to see if an update is needed, actually updating files (spam definitions, for example) - that's possible. One thing I can say is that the connection to "us.mcafee.com" is made by McSvHost and is distinct from the connection that mcshield makes to McAfee, which is to "cloud.gti.mcafee.com", and so is probably to do with McAfee software components.

0 Kudos
Reply
townman
Former Member
Message 4 of 5
‎06-16-2014 06:08 AM

Re: Why is a McAfee server making unsolicited connections to my PC

Hayton,

Thank you for the informative reply.

All that said, without knowing why this sequence of events is taking place - which McAfee firewall acts to inhibit - one is not able to discen the consequential deficiency in the correct operation of the product.

Regards.

0 Kudos
Reply
Hayton
Reliable Contributor
Reliable Contributor
Message 5 of 5
‎06-16-2014 07:01 AM

Re: Why is a McAfee server making unsolicited connections to my PC

In your original post you said

either the connection has a purpose and therefore should not be blocked, or it has no purpose and should not have been attempted in the irst place.

So yes, the connection has a purpose, and it's coming from a known server, and so should be allowed. The question then is how to allow connections from McAfee servers. If you open Security Center and select the firewall settings, there are two places where this might be done : in 'Internet Connections for Programs' and in My Network Connections.

First, in Internet Connections for Programs find and click on McAfee Service Host; set its permissions to Full. You can probably safely disable NetGuard as well.

In My Network Connections add a rule for the IP address so the firewall won't block any connections. From the online Help :

You can configure Personal Firewall to manage specific remote connections to your PC. 
You manage PC connections by creating rules based on the Internet Protocol (IP) addresses of specific remote PCs. PCs that are associated with Home IP addresses are allowed to connect to your PC
Home Allows traffic from an IP address to reach your PC through any port. Activity between the PC associated with a Home IP address and your PC is not filtered or analyzed by Personal Firewall. By default, the first private network that Personal Firewall finds is listed as Home in the My Network Connections list. 
Work Controls traffic from an IP address when it connects to your PC, and allows or blocks that traffic according to the rules in the Ports and System Services list. Personal Firewall logs traffic and generates event alerts from IP addresses with this level of trust. 
  1. Click My Network Connections. 
  2. Under Add Network Connection, select the version of the PC's IP address: IPv4 or IPv6. 
  3. Do one of the following: 
    • Select Single, then type the IP Address. 
    • Select Range, then fill in the appropriate fields. 
       If a system service uses Internet Connection Sharing (ICS), you can type 192.168.0.1 to 192.168.0.255 for the starting (From:) and ending (To:) IP addresses. 
  4. From the Network Type menu, specify the network type for this PC connection. 
  5. (Optional) Under Days Before Expiration, type the number of days the rule is enforced before it expires. 
  6. Type an optional description for the rule. 
  7. Click Save.

McAfee controls not just that one address but all of them in the range from 161.69.0.0 - 161.69.255.255, so you could if you want allow all addresses from that range to have access to your PC.

0 Kudos
Reply
How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community

* Important Terms and Offer Details:

  Subscription, Free Trial, Pricing and Automatic Renewal Terms:

  • The amount you are charged upon purchase is the price of the first term of your subscription. The length of your first term depends on your purchase selection (e.g. 1 month or 1 year).  Once your first term is expired, your subscription will be automatically renewed on an annual basis (with the exception of monthly subscriptions, which will renew monthly) and you will be charged the renewal subscription price in effect at the time of your renewal, until you cancel (Vermont residents must opt-in to auto-renewal.)
  • Unless otherwise stated, if a savings amount is shown, it describes the difference between the introductory first term price (available only to customers without an existing McAfee subscription) and the renewal subscription price (e.g., first term price vs. each year thereafter).
  • Pricing is subject to change. If the renewal price changes, we will notify you in advance so you always know what’s going on.
  • You can cancel your subscription or change your auto-renewal settings any time after purchase from your My Account page. To learn more, click here.
  • You may request a refund by contacting Customer Support within 30 days of initial purchase or within 60 days of automatic renewal (for 1 year terms or longer).
  • Your subscription is subject to our License Agreement and Privacy Notice. Subscriptions covering "all" devices are limited to supported devices that you own. Product features may be added, changed or removed during the subscription term.  Not all features may be available on all devices.  See System Requirements for additional information.
  • Free Trial Terms: At the end of your trial period you will be charged $39.99 for the first term. After the first term, you will be automatically renewed at the renewal price (currently $124.99/yr). We will charge you 7-days before renewal. You can cancel at any time before you are charged. ​

 **Free Benefits With Auto-Renewal:

  • For many qualifying product subscriptions McAfee offers additional benefits for free when you are enrolled in auto-renewal. You can check your eligibility for these benefits in your My Account page. Not all benefits are offered in all locations or for all product subscriptions.  System Requirements apply.   Turning off auto-renewal terminates your eligibility for these additional benefits. 
  • Virus Protection Pledge (VPP): If we cannot remove a virus from your supported device we’ll refund you the amount you paid for your current term subscription.  The refund does not apply to any damage or loss caused by a virus.  You are responsible for backing up your data to prevent data loss. See terms here: mcafee.com/pledge.
  • Safe Connect VPN:  You will receive free, unlimited access to our VPN wireless on supported devices. Users not on auto-renewal have access to 500 MB/month of bandwidth.

   Additional Terms Specific to Identity Monitoring Service:

  • Eligibility: McAfee® Identity Monitoring Service Essentials is available within active McAfee Total Protection and McAfee LiveSafe subscriptions with identity monitoring for up to 10 unique emails. Phone number monitoring is enabled upon activation of Automatic Renewal. Not all identity monitoring elements are available in all countries. See Product Terms of Service for more information. 
  • Your subscription is subject to our License Agreement and Privacy Notice. Product features may be added, changed or removed during the subscription term. Some features may require registration and a valid ID number to activate. See System Requirements for additional information.
  • While McAfee Identity Monitoring Service provides you tools and resources to protect yourself from identity theft, no identity can be completely secure.
  • US Only:
    Fair Credit Reporting Act: You have numerous rights under the FCRA, including the right to dispute inaccurate information in your credit report(s). Consumer reporting agencies are required to investigate and respond to your dispute, but are not obligated to change or remove accurate information that is reported in compliance with applicable law. While this plan can provide you assistance in filing a dispute, the FCRA allows you to file a dispute for free with a consumer reporting agency without the assistance of a third party.
  • Identity theft coverage is not available in New York due to regulatory requirements.


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Products

McAfee® Total Protection
McAfee® Gamer Security
McAfee® Identity Monitoring Service
McAfee® Security Scan Plus
McAfee® WebAdvisor
McAfee® Techmaster Concierge
McAfee® Virus Removal Service

Resources

Antivirus
Free Downloads
Parental Controls
Malware
Firewall
 Blogs
Activate Retail Card
Threat Center
McAfee Enterprise

Support

Consumer Support
FAQs
Renewals
Support Community

About

About McAfee
Careers
Contact Us
Newsroom
Investors
Legal Terms
Your Privacy Choices
System Requirements
Sitemap

Copyright © 2022 McAfee, LLC
Copyright © 2022 McAfee, LLC