Firewall detecting 'suspicious' incoming network connections and blocking them.


Jun 17, 2014
Hello all,

I realize there are a lot of people eager to help folks like me, but I ask that you read my entire question before giving an answer. =)

A couple weeks ago my AV detected a few trojans on a storage drive and got rid of them. Had no problems until a few days ago when I noticed my computer was using higher than normal resources, so I decided to check my firewalls security history. I noticed unrequested incoming connections from lots of places including Comcasts DNS servers and some other ip addresses including those on my own LAN.

I read that for a few years now due to poor updates by Comcast, hackers are using 'DNS poisoning attacks' using Comcast DNS IP addresses, so I upped the security on my modem, router, and PC firewalls, and changed my DNS servers and have not noticed some of the same IP's and the system is running faster again, but I am still seeing a few blocked connection attempts.

Last night I decided to unplug the cable modem and plug it in this morning and monitor what would show up in the history log, and I noticed without internet access there were immediate incoming connection attempts from my router, and an incoming connection attempt from a Samsung Galaxy S3 on my LAN. Once I plugged the modem in I noticed some blocked connections from the internet.

I suspect some of these may be normal and I probably agreed to some obscure advertising agreement when I installed a game or software item, and they could be their partner servers attempting to push something to my PC.

If there is an expert who can tell me -specifically- why these are happening, it would be great. Maybe even how to stop the devices from attempting the connections.

1. First the router is trying to use port 2869 which is commonly used by ICSLAP

2. The phone is trying to use UDP port 1900 which is for an obsolete SSDP service to push remote installations. (even known to be problematic before the S3 came out).

For the external IP addresses, the first one I looked up was which turns out to be run by OpenX Technologies. They are an advertising company that is used by a lot of major brands.

- Why would openX ad servers be attempting to make a connection to my computer as soon as I power up my cable modem?

Maybe if I can solve this one I can eliminate a few more non threat IP addresses from the list.

Thanks in advance for reading all of this.
Any connection getting blocked by your computer and not your router means that there must be program on your computer requesting the information.
Without a program telling your router to route traffic on port xxxx to your computer it will stop cold once it hits the router due to NAT.

If the galaxy s3 is a rouge device that is not yours, you need to change your wifi password.

You need to use malwarebytes or other program to also search your PC for infections.
I would also close all known internet applications (browser, dropbox, printer applications, etc) and then use resource monitor to see what processes are using network activity. This (with researching the processes) will help you track down if you have a rouge program making internet requests.

You may also need to call your ISP and have a new IP address issued to you.
Thread starter Similar threads Forum Replies Date
X Antivirus / Security / Privacy 0
monkeylovlov Antivirus / Security / Privacy 1
K Antivirus / Security / Privacy 1
M Antivirus / Security / Privacy 7
T Antivirus / Security / Privacy 2
D Antivirus / Security / Privacy 9
C Antivirus / Security / Privacy 1
B Antivirus / Security / Privacy 3
C Antivirus / Security / Privacy 4
L Antivirus / Security / Privacy 2
P Antivirus / Security / Privacy 2
AcidElement Antivirus / Security / Privacy 1
M Antivirus / Security / Privacy 1
thegamersite1 Antivirus / Security / Privacy 1
R Antivirus / Security / Privacy 6
R Antivirus / Security / Privacy 1
DiamondxCrafting Antivirus / Security / Privacy 15
D Antivirus / Security / Privacy 5
M Antivirus / Security / Privacy 4
A Antivirus / Security / Privacy 1