奇怪的 46253 端口活动穿过了防火墙

奇怪的 46253 端口活动穿过了防火墙

我一直在查看我的个人路由器/防火墙 WGR614v9 的日志文件,尽管网络上有 8 个活动主机,但我不断看到到 192.168.1.20 的 Windows7 主机之一的端口 46253 的连接。路由器/防火墙没有明确打开任何端口,也没有端口转发。此外,主机本身安装了卡巴斯基,几乎所有东西都被阻止了。即使主机没有运行任何东西,这种情况也会持续发生。

知道这可能是什么吗?

[LAN access from remote] from 117.74.45.193:51472 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:32
[LAN access from remote] from 71.60.6.115:18690 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:31
[LAN access from remote] from 75.186.62.234:24559 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:31
[LAN access from remote] from 87.15.197.156:25019 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:30
[LAN access from remote] from 122.251.194.120:44058 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:30
[LAN access from remote] from 114.187.240.84:19878 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:30
[LAN access from remote] from 81.108.216.247:34657 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:28
[LAN access from remote] from 114.157.46.38:35605 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:27
[LAN access from remote] from 92.147.37.150:53350 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:26
[LAN access from remote] from 117.213.38.207:27584 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:24
[LAN access from remote] from 189.103.190.79:18095 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:22
[LAN access from remote] from 88.4.127.42:4242 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:21
[LAN access from remote] from 122.106.187.4:14739 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:21
[LAN access from remote] from 114.77.140.67:42347 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:19
[LAN access from remote] from 217.79.83.130:8281 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:11
[LAN access from remote] from 111.250.207.63:15263 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:09
[LAN access from remote] from 88.167.109.100:51413 to 192.168.1.20:46253 Saturday, Sep 03,2011 23:00:08

我已经在主机上安装了 Wireshark,并看到主机对端口 46253 UDP 请求的响应为“目标不可达”...

我还不明白为什么这些请求首先会通过路由器/防火墙!

答案1

尝试运行 netstat -b 来查看哪个可执行文件正在监听这些端口。它可能是卡巴斯基认为有效的某个已安装软件的更新程序。

相关内容