# Weird IP blocks on my newly installed firewall



## FloridaFisher (Oct 2, 2009)

I JUST installed ZoneAlarm (not pro.. the free one..) and I get a notification as soon as I did the restart after the complete installation.. also.. peerguardian picked up an odd assortment of logs as well.. if anyone could explain either logs to me I would greatly appreciate it.. I look forward to being a regular user here.. actually used a real email : p lol.. thanks for the help guys and girls!
Zone Alarm Log(Hundreds upon hundreds this is just a tiny sample of what it's logging)









PeerGuardian2 Log(Some of these are from my browser.. but one's from the army? wth? lol)


----------



## koala (Mar 27, 2005)

PG2 seems to be blocking attempts to connect to your port 12226. Do you have any file sharing or torrent software installed? Are you sharing any movies? (Verestar and Army monitor these files before taking the user to court)


----------



## FloridaFisher (Oct 2, 2009)

appreciate your post and reply.. 
I have no clue what you're talking about(no I'm not trying to give you a hard time.. )
but.. if one was using a torrent program.. what is 'Army' and what is the 'Verestar' thing? Why do they continue to access if they only log ips(given the nature of said companies that you've mentioned)? wondering for educational purposes of course.. 
what is so significant about this port?

thanks again!


----------



## koala (Mar 27, 2005)

I'm not saying you're file sharing or running any torrent software, just that it's one possiblity that would explain why Verestar (anti-p2p) and the Army (used by movie companies to monitor file sharers) would be monitoring one particular port.

Do you have any file sharing or torrent software installed?


----------



## FloridaFisher (Oct 2, 2009)

UPDATE: 
It's now 7:38 A.M. The log appears to have stopped it's scrolling of all the IPs and PG2 hasn't blocked anything since 5:27 apparently. I have shut off quite a few things after I noticed those.. I killed PG2, Another misc program, and I disabled my internet connection.. I gave it a few minutes and got a little more attempt notices then they just stopped.. 
I've found this site:
http://forums.phoenixlabs.org/showthread.php?t=14841
I guess this Verestar company was bought out by a company called SES Americon or they work along side of them.. 
http://www.fcc.gov/transaction/verestar-ses_americom.html
I really have no clue yet.. I'll figure it out eventually hopefully.. or maybe you can help? 
and this was a little random.. lol..
http://cryptome.org/echelon-ch.htm

thanks again!


----------



## koala (Mar 27, 2005)

Do you have any file sharing or torrent software installed?

Which programs did you shut down?


----------



## FloridaFisher (Oct 2, 2009)

Yes. UTorrent is currently installed.
Everything I'm reading states Verestar went out of business.. etc..
What's with the monitoring of a single port though? can they see sent packets, connections, etc? I've tried to ping all of these ips.. nothing.. ARIN whois won't even read half of them.. should I do anything? anything to be done?


----------



## koala (Mar 27, 2005)

The only advice we can give that will stop these companies monitoring your online activity is to uninstall utorrent and see if the problem goes away.

If uninstalling doesn't fix it, post back with more details about which programs are running, but please read the forum rules about p2p before posting again. We can't offer any support for p2p-related problems.


----------



## FloridaFisher (Oct 2, 2009)

I shut down pretty much everything including my internet.. I won't allow this kinda crap to access my comp.. I'm still wondering why the address blocked aren't giving any info as to where they come from.. I did however get a timewarner and a comcast and a bunch of other miscellaneous crap logged.. 
Glad I have ZA, ESET, & PG2 running.. lol..


----------



## FloridaFisher (Oct 2, 2009)

ahh I appologize.. I just googled tech support and you were the first to pop up.. I didn't take time to read the rules like an idiot.. but in the future I will not ask about anything that I know is related to p2p.. sorry again.. and thanks again!


----------



## FloridaFisher (Oct 2, 2009)

although I did pull this (94.70.50.151) out of my firewall log.. then I googled it.. came up with this:

94.70.51.78 | Mail Server | Dictionary Attacker | IP Address ...
94.70.50.151 | S. 94.70.50.153. 94.70.50.155 | S. 94.70.50.162 | S. 94.70.50.164 | S. 94.70.50.165. 94.70.50.166 | S. 94.70.50.173. 94.70.50.180 | S ...
www.projecthoneypot.org/ip_94.70.51.78 - Similar

and 

Bots vs Browsers Ip Directory Results for 94.70.50.0 to 94.70.50.255
94.70.50.151 94.70.50.152 94.70.50.153 94.70.50.154 94.70.50.155 94.70.50.156 94.70.50.157 94.70.50.158 94.70.50.159 94.70.50.160 94.70.50.161 94.70.50.162 ...
www.botsvsbrowsers.com/ip/94.70.50.?/index.html - Cached - Similar


----------



## koala (Mar 27, 2005)

If you're not sharing copyright-protected files with utorrent and your firewall is blocking these IPs, you've got nothing to worry about. The firewall is doing its job properly.


----------



## Ried (Jan 11, 2005)

As is mentioned in the Forum Rules, we cannot provide P2P support. As such, this thread is closed.


----------

