[ubuntu] why did and how come i got so many firewall hits within seconds of installing ubuntu?


scrypt
January 24th, 2009, 03:31 AM
Hey all.

I've just reinstalled Ubuntu 8.10 alongside Vista (dual boot).

And something quite worrying happened!

The first thing I installed, before even installing all the updates, was the Firestarter firewall.

And literally within 3 seconds of installing Firestarter and running it,

I got numerous firewall HIT alerts.

It looks as though I was hit by numerous IP addresses, but they were all hitting me on the same port.

Port number: 588116

It has been some time since I have used Ubuntu because my new laptop was shipped with Vista, so I must admit I have been quietly impressed with Microsoft's new outing.

But nevertheless, the allure to come back to Ubuntu has just been too strong, because I have got a little fed up with some of the niggly little security issues Microsoft's OSes have always been blighted with (even Vista).

I am unsure whether I should be concerned with being hit so many times, or if indeed they pose a security threat.

But I had never had so many firewall hits within seconds of installing Ubuntu.

I'm hoping someone will be able to shed a little light onto my above issue and if possible tell me of a solution, or a way to stop it ever happening again.

I look forward to once again conversing with all you helpful souls.

I have copied a list of all the firewall hits I got below, so I hope it might be helpful when/if anyone helps me out...
Kind Regards

Mark Hogan


Time:Jan 24 06:31:58 Direction: Unknown In:eth0 Out: Port:58116 Source:117.193.1.21 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:32:00 Direction: Unknown In:eth0 Out: Port:58116 Source:117.193.1.21 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:32:06 Direction: Unknown In:eth0 Out: Port:58116 Source:117.193.1.21 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:33:47 Direction: Unknown In:eth0 Out: Port:58116 Source:118.108.156.125 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:34:50 Direction: Unknown In:eth0 Out: Port:58116 Source:118.161.250.86 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:31:59 Direction: Unknown In:eth0 Out: Port:58116 Source:121.30.130.197 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:34:56 Direction: Unknown In:eth0 Out: Port:58116 Source:122.173.23.184 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:32:23 Direction: Unknown In:eth0 Out: Port:58116 Source:12.219.43.197 Destination:192.168.0.2 Length:129 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:35:07 Direction: Unknown In:eth0 Out: Port:58116 Source:122.53.63.185 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:35:05 Direction: Unknown In:eth0 Out: Port:58116 Source:123.204.133.222 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:33:48 Direction: Unknown In:eth0 Out: Port:58116 Source:124.144.188.138 Destination:192.168.0.2 Length:129 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:33:14 Direction: Unknown In:eth0 Out: Port:58116 Source:125.25.26.254 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:32:40 Direction: Unknown In:eth0 Out: Port:58116 Source:125.78.14.76 Destination:192.168.0.2 Length:129 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:31:49 Direction: Unknown In:eth0 Out: Port:58116 Source:189.158.154.4 Destination:192.168.0.2 Length:95 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:32:48 Direction: Unknown In:eth0 Out: Port:58116 Source:190.246.206.82 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:32:46 Direction: Unknown In:eth0 Out: Port:58116 Source:201.9.234.200 Destination:192.168.0.2 Length:131 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:34:36 Direction: Unknown In:eth0 Out: Port:58116 Source:218.102.149.17 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:35:06 Direction: Unknown In:eth0 Out: Port:58116 Source:220.138.49.2 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:33:43 Direction: Unknown In:eth0 Out: Port:58116 Source:4.79.142.206 Destination:192.168.0.2 Length:44 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:33:45 Direction: Unknown In:eth0 Out: Port:58116 Source:4.79.142.206 Destination:192.168.0.2 Length:44 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:33:47 Direction: Unknown In:eth0 Out: Port:58116 Source:4.79.142.206 Destination:192.168.0.2 Length:44 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:34:33 Direction: Unknown In:eth0 Out: Port:58116 Source:60.185.152.244 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:32:37 Direction: Unknown In:eth0 Out: Port:58116 Source:62.226.66.138 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:34:55 Direction: Unknown In:eth0 Out: Port:58116 Source:71.100.136.224 Destination:192.168.0.2 Length:95 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:32:34 Direction: Unknown In:eth0 Out: Port:58116 Source:74.170.14.244 Destination:192.168.0.2 Length:131 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:35:50 Direction: Unknown In:eth0 Out: Port:58116 Source:76.117.126.108 Destination:192.168.0.2 Length:52 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:35:58 Direction: Unknown In:eth0 Out: Port:58116 Source:76.117.126.108 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:35:56 Direction: Unknown In:eth0 Out: Port:58116 Source:77.224.159.125 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:32:26 Direction: Unknown In:eth0 Out: Port:58116 Source:79.46.142.32 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:33:30 Direction: Unknown In:eth0 Out: Port:58116 Source:80.202.222.7 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:34:45 Direction: Unknown In:eth0 Out: Port:58116 Source:82.120.123.8 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:35:25 Direction: Unknown In:eth0 Out: Port:58116 Source:85.122.86.216 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:31:59 Direction: Unknown In:eth0 Out: Port:58116 Source:86.139.6.119 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:35:18 Direction: Unknown In:eth0 Out: Port:58116 Source:89.212.53.6 Destination:192.168.0.2 Length:60 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:35:43 Direction: Unknown In:eth0 Out: Port:58116 Source:89.215.88.199 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:33:36 Direction: Unknown In:eth0 Out: Port:58116 Source:89.243.158.124 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:33:39 Direction: Unknown In:eth0 Out: Port:58116 Source:89.243.158.124 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:33:45 Direction: Unknown In:eth0 Out: Port:58116 Source:89.243.158.124 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:35:00 Direction: Unknown In:eth0 Out: Port:58116 Source:89.25.56.66 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:34:21 Direction: Unknown In:eth0 Out: Port:58116 Source:90.211.221.214 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:34:55 Direction: Unknown In:eth0 Out: Port:58116 Source:90.211.221.214 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:34:58 Direction: Unknown In:eth0 Out: Port:58116 Source:90.211.221.214 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:35:04 Direction: Unknown In:eth0 Out: Port:58116 Source:90.211.221.214 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:33:28 Direction: Unknown In:eth0 Out: Port:58116 Source:92.10.7.51 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:33:31 Direction: Unknown In:eth0 Out: Port:58116 Source:92.10.7.51 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:33:37 Direction: Unknown In:eth0 Out: Port:58116 Source:92.10.7.51 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:34:59 Direction: Unknown In:eth0 Out: Port:58116 Source:92.3.211.64 Destination:192.168.0.2 Length:129 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:32:03 Direction: Unknown In:eth0 Out: Port:58116 Source:99.224.197.244 Destination:192.168.0.2 Length:95 TOS:0x00 Protocol:UDP Service:Unknown

hyper_ch
January 24th, 2009, 05:10 AM
(1) firestarter is no firewall
(2) by installing firestarter you change the default rules in iptables
(3) if you don't have anything running on that port, don't be worried

iponeverything
January 24th, 2009, 05:20 AM
Are you running transmission or some other bit torrent client?

Here's the deal. Your box is on a private IP address that is NAT'ed to the outside world.

What this means is that these boxes that are going to port 58116 are not initiating connections in. They can't: 192.168 is not routable. They are instead responding to connections initiated by your machine.

run:


sudo lsof|grep 58116


to try to find out what on your box is so chatty.

bgerlich
January 24th, 2009, 05:30 AM
You already have a firewall; it is called "iptables". Firestarter is just a GUI for iptables, plus it adds some stuff like aggressive logging. You don't need to change the default settings or install Firestarter if you haven't installed any services - fileserver, ssh server, apache, router.

If you have been running a torrent client in Vista and rebooted to Ubuntu, those log prompts are bittorrent peers you were connected to in Vista still trying to connect with your machine.

mikewhatever
January 24th, 2009, 09:28 PM
If you use p2p software on Windows, and the incoming port is 58116, even after the program is not running, you'll still get numerous requests on that port. I don't think there is much to worry about if that's the case.
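Added example, not part of the original thread: a small triage script for event lines in the format posted above, grouping hits by destination port to show the shape the replies describe (many unrelated sources, one high port, a NAT'ed private destination). The sample lines are constructed with documentation-range addresses, and the `looks_like_stale_p2p` heuristic and its thresholds are assumptions made for illustration.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Constructed sample in the event format from the first post
# (documentation-range sources, not the poster's data).
SAMPLE = """\
Time:Jan 24 06:31:58 Direction: Unknown In:eth0 Out: Port:58116 Source:203.0.113.21 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:32:01 Direction: Unknown In:eth0 Out: Port:58116 Source:203.0.113.21 Destination:192.168.0.2 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Jan 24 06:32:23 Direction: Unknown In:eth0 Out: Port:58116 Source:198.51.100.7 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:32:40 Direction: Unknown In:eth0 Out: Port:58116 Source:198.51.100.99 Destination:192.168.0.2 Length:129 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:33:14 Direction: Unknown In:eth0 Out: Port:58116 Source:192.0.2.14 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:33:47 Direction: Unknown In:eth0 Out: Port:58116 Source:192.0.2.200 Destination:192.168.0.2 Length:95 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:34:50 Direction: Unknown In:eth0 Out: Port:58116 Source:203.0.113.150 Destination:192.168.0.2 Length:126 TOS:0x00 Protocol:UDP Service:Unknown
Time:Jan 24 06:35:02 Direction: Unknown In:eth0 Out: Port:22 Source:203.0.113.9 Destination:192.168.0.2 Length:60 TOS:0x00 Protocol:TCP Service:Unknown
"""

FIELD = re.compile(r"(Port|Source|Destination|Protocol):(\S+)")

def parse(line):
    """Return the Port/Source/Destination/Protocol fields of one event line."""
    rec = dict(FIELD.findall(line))
    return rec if len(rec) == 4 else None

def summarize(text):
    """Group hits by destination port: distinct sources, protocol mix, private dst."""
    ports = defaultdict(lambda: {"sources": set(), "protocols": Counter(),
                                 "private_dst": True})
    for line in text.splitlines():
        rec = parse(line)
        if rec is None:
            continue  # skip anything that is not a complete event line
        entry = ports[int(rec["Port"])]
        entry["sources"].add(rec["Source"])
        entry["protocols"][rec["Protocol"]] += 1
        dst = ipaddress.ip_address(rec["Destination"])
        entry["private_dst"] = entry["private_dst"] and dst.is_private
    return dict(ports)

def looks_like_stale_p2p(port, entry, min_sources=5):
    """Heuristic (assumption): many sources converging on one dynamic-range
    port behind NAT, as opposed to one source sweeping many ports."""
    return (port >= 49152 and entry["private_dst"]
            and len(entry["sources"]) >= min_sources)

if __name__ == "__main__":
    for port, entry in sorted(summarize(SAMPLE).items()):
        print(port, len(entry["sources"]), dict(entry["protocols"]),
              "stale-p2p-like" if looks_like_stale_p2p(port, entry) else "review")
```

A port flagged this way still deserves the `lsof` check suggested earlier in the thread, to confirm nothing local is listening on it.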