torstein
Senior Member
I've been getting more and more outbound blocks lately from my mac mini serving as a home server - downloads, media, network time machine backups and backblaze cloud backup. I clicked on the otx.alienvault links and this is what I found:
The first IP 157.97.132.236 (alienvault link) is from a company called Cyprus telecommunications Authority listening on 21 , 22 , 80, 123 , 143 , 443 , 587 , 3306 , 8080 , 8443. This entry has no tags. and under pulses is flagged as "internet white noise".
The second IP 141.95.89.126 (alienvault link) is from a company called OVH SAS, a french cloud computing company which listens on port 22 (SSH iirc) and has tags such as botnet, scanning, etc
The third IP for some reason is my mac mini servers own internal IP-address 192.168.50.205, for some reason. I guess that means nothing.
I didn't understand why my mac mini server has anything outbound to Cyprus telecommunications authroity and another to OVH SAS, a french cloud company.
I installed therefore Little Snitch for macOS. It's basically a firewall that shows which app or service / process tries to connect outbound and inbound to which ip-addresses and which countries they origin from.
Little Snitch didn't report any of these two addresses from my mac mini server.
So I'm wondering, is Skynet mixing something up? Why is it reporting ip-addresses being blocked outbound when Little Snitch on the mac itself didn't report any such IP-addresses?
The first IP 157.97.132.236 (alienvault link) is from a company called Cyprus telecommunications Authority listening on 21 , 22 , 80, 123 , 143 , 443 , 587 , 3306 , 8080 , 8443. This entry has no tags. and under pulses is flagged as "internet white noise".
The second IP 141.95.89.126 (alienvault link) is from a company called OVH SAS, a french cloud computing company which listens on port 22 (SSH iirc) and has tags such as botnet, scanning, etc
The third IP for some reason is my mac mini servers own internal IP-address 192.168.50.205, for some reason. I guess that means nothing.
I didn't understand why my mac mini server has anything outbound to Cyprus telecommunications authroity and another to OVH SAS, a french cloud company.
I installed therefore Little Snitch for macOS. It's basically a firewall that shows which app or service / process tries to connect outbound and inbound to which ip-addresses and which countries they origin from.
Little Snitch didn't report any of these two addresses from my mac mini server.
So I'm wondering, is Skynet mixing something up? Why is it reporting ip-addresses being blocked outbound when Little Snitch on the mac itself didn't report any such IP-addresses?