poudenes
By:
poudenes

strange outgoing request to a IP

February 17, 2015 1.6k views

Hi All,

I can't figure out why my droplet do a outgoing try to 130.158.6.114

My /var/log/messages is full of follow lines:

Feb 17 23:02:27 sentora kernel: [919068.475377] Firewall: UDP_OUT Blocked IN= OUT=eth0 SRC=188.166.x.x DST=130.158.6.114 LEN=29 TOS=0x00 PREC=0x00 TTL=64 ID=41189 DF PROTO=UDP SPT=25801 DPT=5004 LEN=9 UID=0 GID=0

Feb 17 23:02:27 sentora kernel: Firewall: UDP_OUT Blocked IN= OUT=eth0 SRC=188.166.x.x DST=130.158.6.114 LEN=29 TOS=0x00 PREC=0x00 TTL=64 ID=41189 DF PROTO=UDP SPT=25801 DPT=5004 LEN=9 UID=0 GID=0

Can someone help me out with this?

3 Answers

The whois shows "University of Tsukuba". Those are the people who make SoftEther VPN. If you have that installed, there is something they do called a keep alive packet and something for DNS. You can turn those off without doing damage. I did.

Yes. I use SoftEther VPN as well. Will check that and turn that off.
Thank you so much !!

did the action and used the KeepDisable but still got msg ...

130.158.6.111 this time...

  • Is is still the same on the whois. Make sure you turn off their DNS service and the keep alive service. They also might have a statistical service too just to see how much ram and such your droplet has. I am not sure on the last part. All I can say is you have nothing to worry about.

Have another answer? Share your knowledge.