|
Title: [resolved] odd, outgoing connections on new 2.4.1 installation Post by: jay on Friday 20 May 2011, 06:09:23 am While testing a new EFW install, I noticed a number of short, outgoing connections (on the status page) between the uplink NIC and a lot of external IP addresses. Most of them started and disappeared within a few seconds. I took a screenshot of some of them.
Most of the connections in my screenshot are using port 123 (NTP) and UDP. It seems odd that EFW would want to talk to so many different servers. Also, the uplink NIC is my red NIC -- I don't know if that's always the case -- and it was unplugged while all of this was going on. Logically, it was setup like this: internet > old router > EFWgreen, PC So, for some reason EFW was reaching out to these servers from its unplugged red NIC address. What's going on? Title: Re: odd, outgoing connections on new 2.4.1 installation Post by: bendeliduka on Friday 20 May 2011, 06:34:52 am More correctly, the EFW was *ATTEMPTING* to reach out to these IP's through the RED interface.
NTP (Network Time Protocol) is used to set/sync the clock on the server with known time servers on the internet. You can try clicking on the IP's that were the being connected to to verify they are indeed time servers, but I would not find the traffic suspicious. btw, by convention RED is the external or untrusted interface while GREEN is the trusted interface. Title: Re: odd, outgoing connections on new 2.4.1 installation Post by: jay on Friday 20 May 2011, 07:53:14 am Thanks, bendel. I assumed those connections were succesful but now the "status" column to the right makes perfect sense.
I looked up a few of the IPs and saw one NTP server, one mail server, and some not as obvious. Anyway, thanks for the reassurance. Now I can get back to setting this guy up. |