Strange request from Svcs & Ctlr App for nonexistent IP
Posted on 2004-03-26
Today ZoneAlarm popped up an alert that Services & Controller App wanted to accept connections from the private network address of 192.168.7.175:13568. Several times after it also wanted to accept a connection from 192.168.7.170:53. I said no the first time so all subsequent have been blocked.
This is strange and worrisome because I only have three items on my private network, the router at 192.168.0.1, desktop at 192.168.0.101 and a laptop at 192.168.0.100. I'm connected to internet via DSL modem on the WAN port of the router. The modem is not visible on the network, and the laptop is not turned on. The router is serving as DHCP server, firewall, and NAT, and gateway.
Where can this nonexistent IP address be coming from? Has some outside intrusion made it's way past the router and presented itself as coming from 192.168.7.170 & .175?
Here's the ZA log entries.
PE,2004/03/26,11:09:12 -6:00 GMT,Services and Controller app,192.168.7.175:53,N/A
ACCESS,2004/03/26,11:13:28 -6:00 GMT,Services and Controller app was temporarily blocked from accepting a connection from the local zone (192.168.7.175:DNS).,N/A,N/A
ACCESS,2004/03/26,11:13:28 -6:00 GMT,Services and Controller app was temporarily blocked from accepting a connection from the local zone (192.168.7.170:DNS).,N/A,N/A