I installed firestarter firewall the other day and i had a strange outgoing log
feb 15 time, outgoing, eth0, port:1234 "my server internal addy" destination: "184.108.40.206" Length:44 TOS:0x00 protocl:tcp service:SUBSEVEN. :(
and another one all the same the next day, but the destination was 220.127.116.11
Im behind a m1122 and have a few common ports pinhold to my linux server. i have firestarter on fedora core2 been fully updated with yum.
I run opendchub a "direct connect p2p server" just for a hand full of friends.
plus i run Valknut to connect to my opendchub and a few other small hubs.
i was wanting to know if this is just a outgoing search from my valknut to someone one in a hub im connected to, on port 1234. user with active settings which is using tcp 1234
looking at the port list on the net i found "port 1234 search-agent - Infoseek Search Agent" i do know the port on subseven can be changed, but would firestarter know the difference and class this as subseven because it had a special signature etc.
i would hate to be routing or festering trojons! ill keep looking around the net but can anyone clear this up for me?
Thank you to anyone that helps in advanced