Date: Fri, 24 Jul 2020 03:46:11 +0200
From: Polytropon <freebsd@edvax.de>
To: Ernie Luzar <luzar722@gmail.com>
Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>
Subject: Re: ipfw is making contact with 198.61.170.85 port 4021
Message-ID: <20200724034611.53c30377.freebsd@edvax.de>
In-Reply-To: <5F1A354B.7030508@gmail.com>
References: <5F1A354B.7030508@gmail.com>
On Thu, 23 Jul 2020 21:11:39 -0400, Ernie Luzar wrote:
> A firewall should not be making its own contact with any public ip
> address. This is a security hole.

If ipfw should have done that - yes, that would be correct.
However, it is not the purpose of a firewall to contact
anything, anywhere, and ipfw has not done so in decades.

May I ask why you assume that ipfw is the problem here?
Do you have any specific logs or messages that you can
post to the list?

Sidenote:

The IP 198.61.170.85 belongs to alerts0.envisacor.com.
The homepage belongs to something called "Envisacor"
which states about itself that it is "a premiere ODM to
the Security and Home Automation industries" and is doing
"design including IP based-products". So maybe it's in
fact something in your network you bought from that
company that is phoning home?

Just guessing. But at least it looks like a valid assumption...

> I have not played with ipfw since before it was rewritten to become
> ipfw2 so I do not know when this internal "call home" function was
> added.

Never.

> Can any one provide any info about this?

If _you_ can provide some more information? :-)

Do you have any logs that show what is the originator of
the connection, what connection it is, and maybe if there
is some content transmitted? Tools like tcpdump or wireshark
can be helpful here. But if you have firewall logging, maybe
you can show some lines from the log related to that IP
address?

-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
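The reply asks for firewall log lines that show the originator of the connection. The script below is an added example, not part of the original message: it tallies the source hosts in ipfw log lines for one destination. The log lines, host name "gw", interface names em0/em1, rule number and addresses other than 198.61.170.85:4021 are constructed for illustration.

```shell
#!/bin/sh
# Added example: find which hosts originate traffic to one destination,
# using ipfw log lines (rules with the "log" keyword, and
# net.inet.ip.fw.verbose=1 so they reach syslog, /var/log/security by default).
# Expected line shape:
#   <date> <host> kernel: ipfw: <rule> <action...> <proto> <src>:<sport> <dst>:<dport> <in|out> via <if>

DST_IP="198.61.170.85"   # address and port from the thread
DST_PORT="4021"

# Constructed sample log; em1 is assumed to be the LAN side, em0 the WAN side.
sample_log() {
cat <<'EOF'
Jul 23 20:58:02 gw kernel: ipfw: 500 Accept TCP 192.168.1.23:49152 198.61.170.85:4021 in via em1
Jul 23 20:58:02 gw kernel: ipfw: 500 Accept TCP 203.0.113.7:49152 198.61.170.85:4021 out via em0
Jul 23 20:59:02 gw kernel: ipfw: 500 Accept TCP 192.168.1.23:49153 198.61.170.85:4021 in via em1
Jul 23 20:59:30 gw kernel: ipfw: 500 Accept TCP 192.168.1.40:50000 192.0.2.10:443 in via em1
Jul 23 21:00:00 gw sshd[812]: Accepted publickey for admin from 192.168.1.5
EOF
}

# originators DST_IP DST_PORT   (log on stdin)
# Prints "<count> <source-ip> <direction> <interface>", most frequent first.
originators() {
  awk -v dst="$1:$2" '
    {
      # Locate the "ipfw:" tag; skip lines from other programs.
      for (i = 1; i <= NF; i++) if ($i == "ipfw:") break
      if (i > NF) next
      # Find the destination field; the source is the field before it.
      # Scanning (not fixed offsets) tolerates multi-word actions.
      for (j = i + 2; j <= NF; j++) {
        if ($j != dst) continue
        src = $(j - 1); sub(/:[0-9]+$/, "", src)   # drop the source port
        seen[src " " $(j + 1) " " $(j + 3)]++
        break
      }
    }
    END { for (k in seen) print seen[k], k }
  ' | sort -k1,1nr -k2,2
}

# Demo on the sample; on a real gateway: originators "$DST_IP" "$DST_PORT" < /var/log/security
sample_log | originators "$DST_IP" "$DST_PORT"
```

Lines logged "in via" the LAN interface carry the real internal source; lines logged "out via" the WAN interface after NAT show only the gateway's own address, which can make the firewall itself look like the originator.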