Results 1 to 5 of 5
  1. #1
    Newbie
    Join Date
    Jan 2021
    Posts
    3

    Default Blocked connection to Poland Server - What is it?

    I'm seeing connections from both my server and PC to an IP address in Poland that appears to be suspicious (I think).

    My server is running UnRAID (linux)
    My PC is running Ubuntu (linux)
    The only windows machine on my network is my work laptop and it's been shut down when this occurred.

    I've done everything I can to investigate this, but I just don't know how to figure out what is doing this and if it's an infection or what.
    What can I do to figure out what's on my pc and server reaching out to this IP? It might even be legit, but I have no idea why.

    Screenshot from 2021-01-24 14-42-36.png

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,468

    Default

    That site is for retrieving public IP using python.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Newbie
    Join Date
    Jan 2021
    Posts
    3

    Default

    Quote Originally Posted by jcoffin View Post
    That site is for retrieving public IP using python.
    Interesting, that sounds like it's not malicious in that case.
    EDIT: Well, potentially. I'm worried it could be used to find my IP to connect with me.

    What confuses me is that it's both my server and pc doing this, and only at like 2am - 6am pacific time. Do you happen to know what uses that site?
    Last edited by lordbob75; 01-24-2021 at 05:22 PM.

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,468
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Newbie
    Join Date
    Jan 2021
    Posts
    3

    Default

    You know, I actually found that post in my searches, but I didn't think it was relevant and didn't read past the first post. The answer was right there below it.
    Thanks for pointing it out, I never would have figured it out otherwise.

    I guess that is indeed legit, I just find it bizarre.

    Ok, so then last and most important question, should I unblock it?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2