strange outgoing request to a IP

February 17, 2015 3.2k views

Hi All,

I can’t figure out why my droplet do a outgoing try to 130.158.6.114

My /var/log/messages is full of follow lines:

Feb 17 23:02:27 sentora kernel: [919068.475377] Firewall: UDP_OUT Blocked IN= OUT=eth0 SRC=188.166.x.x DST=130.158.6.114 LEN=29 TOS=0x00 PREC=0x00 TTL=64 ID=41189 DF PROTO=UDP SPT=25801 DPT=5004 LEN=9 UID=0 GID=0

Feb 17 23:02:27 sentora kernel: Firewall: UDP_OUT Blocked IN= OUT=eth0 SRC=188.166.x.x DST=130.158.6.114 LEN=29 TOS=0x00 PREC=0x00 TTL=64 ID=41189 DF PROTO=UDP SPT=25801 DPT=5004 LEN=9 UID=0 GID=0

Can someone help me out with this?

3 Answers

The whois shows “University of Tsukuba”. Those are the people who make SoftEther VPN. If you have that installed, there is something they do called a keep alive packet and something for DNS. You can turn those off without doing damage. I did.

Yes. I use SoftEther VPN as well. Will check that and turn that off.
Thank you so much !!

did the action and used the KeepDisable but still got msg …

130.158.6.111 this time…

  • Is is still the same on the whois. Make sure you turn off their DNS service and the keep alive service. They also might have a statistical service too just to see how much ram and such your droplet has. I am not sure on the last part. All I can say is you have nothing to worry about.

Have another answer? Share your knowledge.