Vista - Firewall blocking msgs from Microsoft (Foldershare)

05-12-2008

Foldershare has been working well for me for a number of months, and I
thank the Microsoft Foldershare team for their hard work on this great
product.

I have a question regarding some messages I'm seeing in my hardware
firewall's log (see below). The firewall is blocking a number of
attempts by Microsoft to access ports on my system. I'm guessing that
these attempts are coming from the Foldershare server, and that they
are probably benign.

Although Foldershare seems to be working OK, I'm wondering if you can
verify that these requests are indeed coming from Foldershare, and
tell me if I should take any action to handle these probes by
adjusting settings in my firewall to let them through. Perhaps I can
improve performance (or at least alleviate my possibly paranoid
concerns).

Thank you,

Jon S.
Systems Analyst

P.S. These messages were logged immedately after booting up this
morning, immediately after the router came online and Foldershare
logged in. I've edited out my local IP addresses....

[INFO] Sun May 11 08:49:59 2008 Blocked incoming TCP connection
request from 65.55.24.40:3513 to xx.xx.xx.xx:6571
[INFO] Sun May 11 08:49:59 2008 Blocked incoming TCP connection
request from 65.55.24.40:3514 to xx.xx.xx.xx:8000
[INFO] Sun May 11 08:49:59 2008 Blocked incoming TCP connection
request from 65.55.24.40:3512 to xx.xx.xx.xx:443
[INFO] Sun May 11 08:49:59 2008 Blocked incoming TCP connection
request from 65.55.24.40:3511 to xx.xx.xx.xx:80
[INFO] Sun May 11 08:49:53 2008 Blocked incoming TCP connection
request from 65.55.24.40:3514 to xx.xx.xx.xx:8000
[INFO] Sun May 11 08:49:53 2008 Blocked incoming TCP connection
request from 65.55.24.40:3513 to xx.xx.xx.xx:6571
[INFO] Sun May 11 08:49:53 2008 Blocked incoming TCP connection
request from 65.55.24.40:3512 to xx.xx.xx.xx:443
[INFO] Sun May 11 08:49:53 2008 Blocked incoming TCP connection
request from 65.55.24.40:3511 to xx.xx.xx.xx:80
[INFO] Sun May 11 08:49:50 2008 Blocked incoming TCP connection
request from 65.55.24.40:3513 to xx.xx.xx.xx:6571
[INFO] Sun May 11 08:49:50 2008 Blocked incoming TCP connection
request from 65.55.24.40:3514 to xx.xx.xx.xx:8000
[INFO] Sun May 11 08:49:50 2008 Blocked incoming TCP connection
request from 65.55.24.40:3512 to xx.xx.xx.xx:443
[INFO] Sun May 11 08:49:50 2008 Blocked incoming TCP connection
request from 65.55.24.40:3511 to xx.xx.xx.xx:80

05-12-2008

Although its assignee does not have reverse DNS on address 65.55.24.40 it
is in one of Microsoft's netblocks and those connection attempts were only
to FolderShare TCP/IP service ports, so I would presume those connection
attempts were both proper and benign.

CIDR: 65.52.0.0/14
NetName: MICROSOFT-1BLK

Neither FolderShare staff nor documentation have explained the benefits, if
any, from allowing incoming connections. I run the program both with and
without those and I never notice any difference in performance.

Tony

05-12-2008

The polling on FolderShare startup is used to determine if your client can
accept p2p connections from other clients. If these are negative, all file
transfers will go through the FolderShare relay servers which will make the
transfer slower and cannot handle files over 2GB.

If you want the best performance when transferring files, you should allow
these incoming connections.

--
Jeremy Epling
Lead Program Manager - Windows Live FolderShare

"Anthony R. Gold" wrote:

Quote:

> Although its assignee does not have reverse DNS on address 65.55.24.40 it
> is in one of Microsoft's netblocks and those connection attempts were only
> to FolderShare TCP/IP service ports, so I would presume those connection
> attempts were both proper and benign.
>
> CIDR: 65.52.0.0/14
> NetName: MICROSOFT-1BLK
>
> Neither FolderShare staff nor documentation have explained the benefits, if
> any, from allowing incoming connections. I run the program both with and
> without those and I never notice any difference in performance.
>
> Tony
>
>

05-12-2008

On Mon, 12 May 2008 20:09:03 -0700, Jeremy Epling [MSFT]
<JeremyEplingMSFT@xxxxxx> wrote:

Quote:

> The polling on FolderShare startup is used to determine if your client can
> accept p2p connections from other clients. If these are negative, all file
> transfers will go through the FolderShare relay servers which will make the
> transfer slower and cannot handle files over 2GB.
>
> If you want the best performance when transferring files, you should allow
> these incoming connections.

Thanks for that heads-up Jeremy. Both the speed advantage and the ability
to handle files over 2GB by allowing p2p between clients appear to be both
valuable and also absent from mention in the Windows Live Help pages.

Tony

05-13-2008

On May 12, 11:42 pm, "Anthony R. Gold" <not-for-m...@xxxxxx>
wrote:

Quote:

> On Mon, 12 May 2008 20:09:03 -0700, Jeremy Epling [MSFT]
>
> <JeremyEplingM...@xxxxxx> wrote:

Quote:

> > The polling on FolderShare startup is used to determine if your client can
> > accept p2p connections from other clients. If these are negative, all file
> > transfers will go through the FolderShare relay servers which will make the
> > transfer slower and cannot handle files over 2GB.

>

Quote:

> > If you want the best performance when transferring files, you should allow
> > these incoming connections.

>
> Thanks for that heads-up Jeremy. Both the speed advantage and the ability
> to handle files over 2GB by allowing p2p between clients appear to be both
> valuable and also absent from mention in the Windows Live Help pages.
>
> Tony

Thanks Jeremy. I'll go to my router and see what I can do to let
these through.

Jon

05-14-2008

On May 12, 11:09 pm, Jeremy Epling [MSFT]
<JeremyEplingM...@xxxxxx> wrote:

Quote:

> The polling on FolderShare startup is used to determine if your client can
> accept p2p connections from other clients. If these are negative, all file
> transfers will go through the FolderShare relay servers which will make the
> transfer slower and cannot handle files over 2GB.
>
> If you want the best performance when transferring files, you should allow
> these incoming connections.
>
> --
> Jeremy Epling
> Lead Program Manager - Windows Live FolderShare
>
> "Anthony R. Gold" wrote:

Quote:

> > Although its assignee does not have reverse DNS on address 65.55.24.40 it
> > is in one of Microsoft's netblocks and those connection attempts were only
> > to FolderShare TCP/IP service ports, so I would presume those connection
> > attempts were both proper and benign.

>

Quote:

> > CIDR: 65.52.0.0/14
> > NetName: MICROSOFT-1BLK

>

Quote:

> > Neither FolderShare staff nor documentation have explained the benefits, if
> > any, from allowing incoming connections. I run the program both with and
> > without those and I never notice any difference in performance.

>

Quote:

> > Tony

I set up Port Forwarding in my router's firewall for these particular
port requests. At least I think I got it right. The messages about
incoming TCP connections being blocked have gone away, but now I'm
getting the messages shown below. Any idea what to do about them, if
anything?

Also, Folder share says it is online, but it has stopped saying
"behind NAT". Is that to be expected since I changed the port
filtering rules?

[INFO] Wed May 14 10:06:15 2008 Blocked incoming TCP packet from
65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
no active connection
[INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from
192.168.0.199:80 to 65.55.24.43:37154 as FIN:ACK received but there is
no active connection
[INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from
192.168.0.199:6571 to 65.55.24.43:37156 as FIN:ACK received but there
is no active connection
[INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from
192.168.0.199:443 to 65.55.24.43:37155 as FIN:ACK received but there
is no active connection
[INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from
192.168.0.199:8000 to 65.55.24.43:37157 as FIN:ACK received but there
is no active connection
[INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
no active connection
[INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
65.55.24.43:37155 to xx.xx.xx.xx:443 as ACK received but there is no
active connection
[INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
65.55.24.43:37156 to xx.xx.xx.xx:6571 as ACK received but there is no
active connection
[INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
65.55.24.43:37157 to xx.xx.xx.xx:8000 as ACK received but there is no
active connection
[INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
65.55.24.43:37154 to xx.xx.xx.xx:80 as ACK received but there is no
active connection
[INFO] Wed May 14 10:06:07 2008 Blocked incoming TCP packet from
65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
no active connection
[INFO] Wed May 14 10:06:03 2008 Above message repeated 1 times
[INFO] Wed May 14 10:06:01 2008 Blocked incoming TCP packet from
65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
no active connection
[INFO] Wed May 14 10:06:01 2008 Blocked incoming TCP packet from
65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
no active connection
[INFO] Wed May 14 10:05:59 2008 Above message repeated 1 times
[INFO] Wed May 14 10:05:58 2008 Blocked outgoing TCP packet from
192.168.0.199:1030 to 65.55.24.46:443 as PSH:ACK received but there is
no active connection
[INFO] Wed May 14 10:05:57 2008 Blocked incoming TCP packet from
65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
no active connection
[INFO] Wed May 14 10:05:56 2008 Above message repeated 1 times
[INFO] Wed May 14 10:05:56 2008 Blocked incoming TCP packet from
65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
no active connection
[INFO] Wed May 14 10:05:55 2008 Log viewed by IP address
192.168.0.199
[INFO] Wed May 14 10:05:55 2008 Blocked incoming TCP packet from
65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
no active connection
[INFO] Wed May 14 10:05:53 2008 Allowed configuration authentication
by IP address 192.168.0.199
[INFO] Wed May 14 10:05:53 2008 Blocked incoming TCP packet from
65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
no active connection
[INFO] Wed May 14 10:05:50 2008 Above message repeated 1 times
[INFO] Wed May 14 10:05:48 2008 Blocked outgoing TCP packet from
192.168.0.189:1053 to 65.55.24.49:443 as PSH:ACK received but there is
no active connection
[INFO] Wed May 14 10:05:47 2008 Blocked incoming TCP packet from
65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
no active connection
[INFO] Wed May 14 10:05:45 2008 Above message repeated 2 times
[INFO] Wed May 14 10:05:39 2008 Time synchronized

05-14-2008

Yes, It should stop saying Behind NAT. I am not sure how to help with the "no
active connection" issue. Sorry I can't help more.

If you have a UPNP router and the FolderShare UPNP setting enabled, you do
not need to manually map ports.

--
Jeremy Epling
Lead Program Manager - Windows Live FolderShare

"Jon S" wrote:

Quote:

> On May 12, 11:09 pm, Jeremy Epling [MSFT]
> <JeremyEplingM...@xxxxxx> wrote:

Quote:

> > The polling on FolderShare startup is used to determine if your client can
> > accept p2p connections from other clients. If these are negative, all file
> > transfers will go through the FolderShare relay servers which will make the
> > transfer slower and cannot handle files over 2GB.
> >
> > If you want the best performance when transferring files, you should allow
> > these incoming connections.
> >
> > --
> > Jeremy Epling
> > Lead Program Manager - Windows Live FolderShare
> >
> > "Anthony R. Gold" wrote:

Quote:

> > > Although its assignee does not have reverse DNS on address 65.55.24.40 it
> > > is in one of Microsoft's netblocks and those connection attempts were only
> > > to FolderShare TCP/IP service ports, so I would presume those connection
> > > attempts were both proper and benign.

> >

Quote:

> > > CIDR: 65.52.0.0/14
> > > NetName: MICROSOFT-1BLK

> >

Quote:

> > > Neither FolderShare staff nor documentation have explained the benefits, if
> > > any, from allowing incoming connections. I run the program both with and
> > > without those and I never notice any difference in performance.

> >

Quote:

> > > Tony

>
> I set up Port Forwarding in my router's firewall for these particular
> port requests. At least I think I got it right. The messages about
> incoming TCP connections being blocked have gone away, but now I'm
> getting the messages shown below. Any idea what to do about them, if
> anything?
>
> Also, Folder share says it is online, but it has stopped saying
> "behind NAT". Is that to be expected since I changed the port
> filtering rules?
>
> [INFO] Wed May 14 10:06:15 2008 Blocked incoming TCP packet from
> 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
> no active connection
> [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from
> 192.168.0.199:80 to 65.55.24.43:37154 as FIN:ACK received but there is
> no active connection
> [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from
> 192.168.0.199:6571 to 65.55.24.43:37156 as FIN:ACK received but there
> is no active connection
> [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from
> 192.168.0.199:443 to 65.55.24.43:37155 as FIN:ACK received but there
> is no active connection
> [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from
> 192.168.0.199:8000 to 65.55.24.43:37157 as FIN:ACK received but there
> is no active connection
> [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
> 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
> no active connection
> [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
> 65.55.24.43:37155 to xx.xx.xx.xx:443 as ACK received but there is no
> active connection
> [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
> 65.55.24.43:37156 to xx.xx.xx.xx:6571 as ACK received but there is no
> active connection
> [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
> 65.55.24.43:37157 to xx.xx.xx.xx:8000 as ACK received but there is no
> active connection
> [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
> 65.55.24.43:37154 to xx.xx.xx.xx:80 as ACK received but there is no
> active connection
> [INFO] Wed May 14 10:06:07 2008 Blocked incoming TCP packet from
> 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
> no active connection
> [INFO] Wed May 14 10:06:03 2008 Above message repeated 1 times
> [INFO] Wed May 14 10:06:01 2008 Blocked incoming TCP packet from
> 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
> no active connection
> [INFO] Wed May 14 10:06:01 2008 Blocked incoming TCP packet from
> 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
> no active connection
> [INFO] Wed May 14 10:05:59 2008 Above message repeated 1 times
> [INFO] Wed May 14 10:05:58 2008 Blocked outgoing TCP packet from
> 192.168.0.199:1030 to 65.55.24.46:443 as PSH:ACK received but there is
> no active connection
> [INFO] Wed May 14 10:05:57 2008 Blocked incoming TCP packet from
> 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
> no active connection
> [INFO] Wed May 14 10:05:56 2008 Above message repeated 1 times
> [INFO] Wed May 14 10:05:56 2008 Blocked incoming TCP packet from
> 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
> no active connection
> [INFO] Wed May 14 10:05:55 2008 Log viewed by IP address
> 192.168.0.199
> [INFO] Wed May 14 10:05:55 2008 Blocked incoming TCP packet from
> 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
> no active connection
> [INFO] Wed May 14 10:05:53 2008 Allowed configuration authentication
> by IP address 192.168.0.199
> [INFO] Wed May 14 10:05:53 2008 Blocked incoming TCP packet from
> 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
> no active connection
> [INFO] Wed May 14 10:05:50 2008 Above message repeated 1 times
> [INFO] Wed May 14 10:05:48 2008 Blocked outgoing TCP packet from
> 192.168.0.189:1053 to 65.55.24.49:443 as PSH:ACK received but there is
> no active connection
> [INFO] Wed May 14 10:05:47 2008 Blocked incoming TCP packet from
> 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
> no active connection
> [INFO] Wed May 14 10:05:45 2008 Above message repeated 2 times
> [INFO] Wed May 14 10:05:39 2008 Time synchronized
>

05-15-2008

On May 14, 11:56 pm, Jeremy Epling [MSFT]
<JeremyEplingM...@xxxxxx> wrote:

Quote:

> Yes, It should stop saying Behind NAT. I am not sure how to help with the "no
> active connection" issue. Sorry I can't help more.
>
> If you have a UPNP router and the FolderShare UPNP setting enabled, you do
> not need to manually map ports.
>
> --
> Jeremy Epling
> Lead Program Manager - Windows Live FolderShare
>
> "Jon S" wrote:

Quote:

> > On May 12, 11:09 pm, Jeremy Epling [MSFT]
> > <JeremyEplingM...@xxxxxx> wrote:

Quote:

> > > The polling on FolderShare startup is used to determine if your client can
> > > accept p2p connections from other clients. If these are negative, all file
> > > transfers will go through the FolderShare relay servers which will make the
> > > transfer slower and cannot handle files over 2GB.

>

Quote:

> > > If you want the best performance when transferring files, you should allow
> > > these incoming connections.

>

Quote:

> > > --
> > > Jeremy Epling
> > > Lead Program Manager - Windows Live FolderShare

>

Quote:

> > > "Anthony R. Gold" wrote:
> > > > Although its assignee does not have reverse DNS on address 65.55.24.40 it
> > > > is in one of Microsoft's netblocks and those connection attempts were only
> > > > to FolderShare TCP/IP service ports, so I would presume those connection
> > > > attempts were both proper and benign.

>

Quote:

> > > > CIDR: 65.52.0.0/14
> > > > NetName: MICROSOFT-1BLK

>

Quote:

> > > > Neither FolderShare staff nor documentation have explained the benefits, if
> > > > any, from allowing incoming connections. I run the program both with and
> > > > without those and I never notice any difference in performance.

>

Quote:

> > > > Tony

>

Quote:

> > I set up Port Forwarding in my router's firewall for these particular
> > port requests. At least I think I got it right. The messages about
> > incoming TCP connections being blocked have gone away, but now I'm
> > getting the messages shown below. Any idea what to do about them, if
> > anything?

>

Quote:

> > Also, Folder share says it is online, but it has stopped saying
> > "behind NAT". Is that to be expected since I changed the port
> > filtering rules?

>

Quote:

> > [INFO] Wed May 14 10:06:15 2008 Blocked incoming TCP packet from
> > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
> > no active connection
> > [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from
> > 192.168.0.199:80 to 65.55.24.43:37154 as FIN:ACK received but there is
> > no active connection
> > [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from
> > 192.168.0.199:6571 to 65.55.24.43:37156 as FIN:ACK received but there
> > is no active connection
> > [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from
> > 192.168.0.199:443 to 65.55.24.43:37155 as FIN:ACK received but there
> > is no active connection
> > [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from
> > 192.168.0.199:8000 to 65.55.24.43:37157 as FIN:ACK received but there
> > is no active connection
> > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
> > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
> > no active connection
> > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
> > 65.55.24.43:37155 to xx.xx.xx.xx:443 as ACK received but there is no
> > active connection
> > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
> > 65.55.24.43:37156 to xx.xx.xx.xx:6571 as ACK received but there is no
> > active connection
> > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
> > 65.55.24.43:37157 to xx.xx.xx.xx:8000 as ACK received but there is no
> > active connection
> > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from
> > 65.55.24.43:37154 to xx.xx.xx.xx:80 as ACK received but there is no
> > active connection
> > [INFO] Wed May 14 10:06:07 2008 Blocked incoming TCP packet from
> > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
> > no active connection
> > [INFO] Wed May 14 10:06:03 2008 Above message repeated 1 times
> > [INFO] Wed May 14 10:06:01 2008 Blocked incoming TCP packet from
> > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
> > no active connection
> > [INFO] Wed May 14 10:06:01 2008 Blocked incoming TCP packet from
> > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
> > no active connection
> > [INFO] Wed May 14 10:05:59 2008 Above message repeated 1 times
> > [INFO] Wed May 14 10:05:58 2008 Blocked outgoing TCP packet from
> > 192.168.0.199:1030 to 65.55.24.46:443 as PSH:ACK received but there is
> > no active connection
> > [INFO] Wed May 14 10:05:57 2008 Blocked incoming TCP packet from
> > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
> > no active connection
> > [INFO] Wed May 14 10:05:56 2008 Above message repeated 1 times
> > [INFO] Wed May 14 10:05:56 2008 Blocked incoming TCP packet from
> > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
> > no active connection
> > [INFO] Wed May 14 10:05:55 2008 Log viewed by IP address
> > 192.168.0.199
> > [INFO] Wed May 14 10:05:55 2008 Blocked incoming TCP packet from
> > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is
> > no active connection
> > [INFO] Wed May 14 10:05:53 2008 Allowed configuration authentication
> > by IP address 192.168.0.199
> > [INFO] Wed May 14 10:05:53 2008 Blocked incoming TCP packet from
> > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
> > no active connection
> > [INFO] Wed May 14 10:05:50 2008 Above message repeated 1 times
> > [INFO] Wed May 14 10:05:48 2008 Blocked outgoing TCP packet from
> > 192.168.0.189:1053 to 65.55.24.49:443 as PSH:ACK received but there is
> > no active connection
> > [INFO] Wed May 14 10:05:47 2008 Blocked incoming TCP packet from
> > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is
> > no active connection
> > [INFO] Wed May 14 10:05:45 2008 Above message repeated 2 times
> > [INFO] Wed May 14 10:05:39 2008 Time synchronized

I do have UPNP enabled on my router. Always have had. Yet I still
had to open ports to elimiinate the incoming TCP packet blockages.

Hopefully somebody in the Foldershare development group will
eventually figure out why I'm getting these odd PSH packets.

Thanks!

05-19-2008

On May 12, 11:09 pm, Jeremy Epling [MSFT]
<JeremyEplingM...@xxxxxx> wrote:

Quote:

> The polling on FolderShare startup is used to determine if your client can
> accept p2p connections from other clients. If these are negative, all file
> transfers will go through the FolderShare relay servers which will make the
> transfer slower and cannot handle files over 2GB.
>
> If you want the best performance when transferring files, you should allow
> these incoming connections.
>
> --
> Jeremy Epling
> Lead Program Manager - Windows Live FolderShare
>
> "Anthony R. Gold" wrote:

Quote:

> > Although its assignee does not have reverse DNS on address 65.55.24.40 it
> > is in one of Microsoft's netblocks and those connection attempts were only
> > to FolderShare TCP/IP service ports, so I would presume those connection
> > attempts were both proper and benign.

>

Quote:

> > CIDR: 65.52.0.0/14
> > NetName: MICROSOFT-1BLK

>

Quote:

> > Neither FolderShare staff nor documentation have explained the benefits, if
> > any, from allowing incoming connections. I run the program both with and
> > without those and I never notice any difference in performance.

>

Quote:

> > Tony

Jeremy,

I don't suppose there's any way to tell which transmission method is
being used during a transfer, is there? Direct P2P versus via Relay
servers? Just curious.

05-12-2008	#1 (permalink)
Jon S n/a posts	Firewall blocking msgs from Microsoft (Foldershare) Foldershare has been working well for me for a number of months, and I thank the Microsoft Foldershare team for their hard work on this great product. I have a question regarding some messages I'm seeing in my hardware firewall's log (see below). The firewall is blocking a number of attempts by Microsoft to access ports on my system. I'm guessing that these attempts are coming from the Foldershare server, and that they are probably benign. Although Foldershare seems to be working OK, I'm wondering if you can verify that these requests are indeed coming from Foldershare, and tell me if I should take any action to handle these probes by adjusting settings in my firewall to let them through. Perhaps I can improve performance (or at least alleviate my possibly paranoid concerns). Thank you, Jon S. Systems Analyst P.S. These messages were logged immedately after booting up this morning, immediately after the router came online and Foldershare logged in. I've edited out my local IP addresses.... [INFO] Sun May 11 08:49:59 2008 Blocked incoming TCP connection request from 65.55.24.40:3513 to xx.xx.xx.xx:6571 [INFO] Sun May 11 08:49:59 2008 Blocked incoming TCP connection request from 65.55.24.40:3514 to xx.xx.xx.xx:8000 [INFO] Sun May 11 08:49:59 2008 Blocked incoming TCP connection request from 65.55.24.40:3512 to xx.xx.xx.xx:443 [INFO] Sun May 11 08:49:59 2008 Blocked incoming TCP connection request from 65.55.24.40:3511 to xx.xx.xx.xx:80 [INFO] Sun May 11 08:49:53 2008 Blocked incoming TCP connection request from 65.55.24.40:3514 to xx.xx.xx.xx:8000 [INFO] Sun May 11 08:49:53 2008 Blocked incoming TCP connection request from 65.55.24.40:3513 to xx.xx.xx.xx:6571 [INFO] Sun May 11 08:49:53 2008 Blocked incoming TCP connection request from 65.55.24.40:3512 to xx.xx.xx.xx:443 [INFO] Sun May 11 08:49:53 2008 Blocked incoming TCP connection request from 65.55.24.40:3511 to xx.xx.xx.xx:80 [INFO] Sun May 11 08:49:50 2008 Blocked incoming TCP connection request from 65.55.24.40:3513 to xx.xx.xx.xx:6571 [INFO] Sun May 11 08:49:50 2008 Blocked incoming TCP connection request from 65.55.24.40:3514 to xx.xx.xx.xx:8000 [INFO] Sun May 11 08:49:50 2008 Blocked incoming TCP connection request from 65.55.24.40:3512 to xx.xx.xx.xx:443 [INFO] Sun May 11 08:49:50 2008 Blocked incoming TCP connection request from 65.55.24.40:3511 to xx.xx.xx.xx:80
My System Specs

05-12-2008	#2 (permalink)
Anthony R. Gold n/a posts	Re: Firewall blocking msgs from Microsoft (Foldershare) Although its assignee does not have reverse DNS on address 65.55.24.40 it is in one of Microsoft's netblocks and those connection attempts were only to FolderShare TCP/IP service ports, so I would presume those connection attempts were both proper and benign. CIDR: 65.52.0.0/14 NetName: MICROSOFT-1BLK Neither FolderShare staff nor documentation have explained the benefits, if any, from allowing incoming connections. I run the program both with and without those and I never notice any difference in performance. Tony
My System Specs

05-12-2008	#3 (permalink)
Jeremy Epling [MSFT] n/a posts	Re: Firewall blocking msgs from Microsoft (Foldershare) The polling on FolderShare startup is used to determine if your client can accept p2p connections from other clients. If these are negative, all file transfers will go through the FolderShare relay servers which will make the transfer slower and cannot handle files over 2GB. If you want the best performance when transferring files, you should allow these incoming connections. -- Jeremy Epling Lead Program Manager - Windows Live FolderShare "Anthony R. Gold" wrote: Quote: > Although its assignee does not have reverse DNS on address 65.55.24.40 it > is in one of Microsoft's netblocks and those connection attempts were only > to FolderShare TCP/IP service ports, so I would presume those connection > attempts were both proper and benign. > > CIDR: 65.52.0.0/14 > NetName: MICROSOFT-1BLK > > Neither FolderShare staff nor documentation have explained the benefits, if > any, from allowing incoming connections. I run the program both with and > without those and I never notice any difference in performance. > > Tony > >
My System Specs

05-12-2008	#4 (permalink)
Anthony R. Gold n/a posts	Re: Firewall blocking msgs from Microsoft (Foldershare) On Mon, 12 May 2008 20:09:03 -0700, Jeremy Epling [MSFT] <JeremyEplingMSFT@xxxxxx> wrote: Quote: > The polling on FolderShare startup is used to determine if your client can > accept p2p connections from other clients. If these are negative, all file > transfers will go through the FolderShare relay servers which will make the > transfer slower and cannot handle files over 2GB. > > If you want the best performance when transferring files, you should allow > these incoming connections. Thanks for that heads-up Jeremy. Both the speed advantage and the ability to handle files over 2GB by allowing p2p between clients appear to be both valuable and also absent from mention in the Windows Live Help pages. Tony
My System Specs

05-13-2008	#5 (permalink)
Jon S n/a posts	Re: Firewall blocking msgs from Microsoft (Foldershare) On May 12, 11:42 pm, "Anthony R. Gold" <not-for-m...@xxxxxx> wrote: Quote: > On Mon, 12 May 2008 20:09:03 -0700, Jeremy Epling [MSFT] > > <JeremyEplingM...@xxxxxx> wrote: Quote: > > The polling on FolderShare startup is used to determine if your client can > > accept p2p connections from other clients. If these are negative, all file > > transfers will go through the FolderShare relay servers which will make the > > transfer slower and cannot handle files over 2GB. > Quote: > > If you want the best performance when transferring files, you should allow > > these incoming connections. > > Thanks for that heads-up Jeremy. Both the speed advantage and the ability > to handle files over 2GB by allowing p2p between clients appear to be both > valuable and also absent from mention in the Windows Live Help pages. > > Tony Thanks Jeremy. I'll go to my router and see what I can do to let these through. Jon
My System Specs

05-14-2008	#6 (permalink)
Jon S n/a posts	Re: Firewall blocking msgs from Microsoft (Foldershare) On May 12, 11:09 pm, Jeremy Epling [MSFT] <JeremyEplingM...@xxxxxx> wrote: Quote: > The polling on FolderShare startup is used to determine if your client can > accept p2p connections from other clients. If these are negative, all file > transfers will go through the FolderShare relay servers which will make the > transfer slower and cannot handle files over 2GB. > > If you want the best performance when transferring files, you should allow > these incoming connections. > > -- > Jeremy Epling > Lead Program Manager - Windows Live FolderShare > > "Anthony R. Gold" wrote: Quote: > > Although its assignee does not have reverse DNS on address 65.55.24.40 it > > is in one of Microsoft's netblocks and those connection attempts were only > > to FolderShare TCP/IP service ports, so I would presume those connection > > attempts were both proper and benign. > Quote: > > CIDR: 65.52.0.0/14 > > NetName: MICROSOFT-1BLK > Quote: > > Neither FolderShare staff nor documentation have explained the benefits, if > > any, from allowing incoming connections. I run the program both with and > > without those and I never notice any difference in performance. > Quote: > > Tony I set up Port Forwarding in my router's firewall for these particular port requests. At least I think I got it right. The messages about incoming TCP connections being blocked have gone away, but now I'm getting the messages shown below. Any idea what to do about them, if anything? Also, Folder share says it is online, but it has stopped saying "behind NAT". Is that to be expected since I changed the port filtering rules? [INFO] Wed May 14 10:06:15 2008 Blocked incoming TCP packet from 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is no active connection [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from 192.168.0.199:80 to 65.55.24.43:37154 as FIN:ACK received but there is no active connection [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from 192.168.0.199:6571 to 65.55.24.43:37156 as FIN:ACK received but there is no active connection [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from 192.168.0.199:443 to 65.55.24.43:37155 as FIN:ACK received but there is no active connection [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from 192.168.0.199:8000 to 65.55.24.43:37157 as FIN:ACK received but there is no active connection [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is no active connection [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from 65.55.24.43:37155 to xx.xx.xx.xx:443 as ACK received but there is no active connection [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from 65.55.24.43:37156 to xx.xx.xx.xx:6571 as ACK received but there is no active connection [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from 65.55.24.43:37157 to xx.xx.xx.xx:8000 as ACK received but there is no active connection [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from 65.55.24.43:37154 to xx.xx.xx.xx:80 as ACK received but there is no active connection [INFO] Wed May 14 10:06:07 2008 Blocked incoming TCP packet from 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is no active connection [INFO] Wed May 14 10:06:03 2008 Above message repeated 1 times [INFO] Wed May 14 10:06:01 2008 Blocked incoming TCP packet from 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is no active connection [INFO] Wed May 14 10:06:01 2008 Blocked incoming TCP packet from 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is no active connection [INFO] Wed May 14 10:05:59 2008 Above message repeated 1 times [INFO] Wed May 14 10:05:58 2008 Blocked outgoing TCP packet from 192.168.0.199:1030 to 65.55.24.46:443 as PSH:ACK received but there is no active connection [INFO] Wed May 14 10:05:57 2008 Blocked incoming TCP packet from 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is no active connection [INFO] Wed May 14 10:05:56 2008 Above message repeated 1 times [INFO] Wed May 14 10:05:56 2008 Blocked incoming TCP packet from 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is no active connection [INFO] Wed May 14 10:05:55 2008 Log viewed by IP address 192.168.0.199 [INFO] Wed May 14 10:05:55 2008 Blocked incoming TCP packet from 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is no active connection [INFO] Wed May 14 10:05:53 2008 Allowed configuration authentication by IP address 192.168.0.199 [INFO] Wed May 14 10:05:53 2008 Blocked incoming TCP packet from 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is no active connection [INFO] Wed May 14 10:05:50 2008 Above message repeated 1 times [INFO] Wed May 14 10:05:48 2008 Blocked outgoing TCP packet from 192.168.0.189:1053 to 65.55.24.49:443 as PSH:ACK received but there is no active connection [INFO] Wed May 14 10:05:47 2008 Blocked incoming TCP packet from 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is no active connection [INFO] Wed May 14 10:05:45 2008 Above message repeated 2 times [INFO] Wed May 14 10:05:39 2008 Time synchronized
My System Specs

05-14-2008	#7 (permalink)
Jeremy Epling [MSFT] n/a posts	Re: Firewall blocking msgs from Microsoft (Foldershare) Yes, It should stop saying Behind NAT. I am not sure how to help with the "no active connection" issue. Sorry I can't help more. If you have a UPNP router and the FolderShare UPNP setting enabled, you do not need to manually map ports. -- Jeremy Epling Lead Program Manager - Windows Live FolderShare "Jon S" wrote: Quote: > On May 12, 11:09 pm, Jeremy Epling [MSFT] > <JeremyEplingM...@xxxxxx> wrote: Quote: > > The polling on FolderShare startup is used to determine if your client can > > accept p2p connections from other clients. If these are negative, all file > > transfers will go through the FolderShare relay servers which will make the > > transfer slower and cannot handle files over 2GB. > > > > If you want the best performance when transferring files, you should allow > > these incoming connections. > > > > -- > > Jeremy Epling > > Lead Program Manager - Windows Live FolderShare > > > > "Anthony R. Gold" wrote: Quote: > > > Although its assignee does not have reverse DNS on address 65.55.24.40 it > > > is in one of Microsoft's netblocks and those connection attempts were only > > > to FolderShare TCP/IP service ports, so I would presume those connection > > > attempts were both proper and benign. > > Quote: > > > CIDR: 65.52.0.0/14 > > > NetName: MICROSOFT-1BLK > > Quote: > > > Neither FolderShare staff nor documentation have explained the benefits, if > > > any, from allowing incoming connections. I run the program both with and > > > without those and I never notice any difference in performance. > > Quote: > > > Tony > > I set up Port Forwarding in my router's firewall for these particular > port requests. At least I think I got it right. The messages about > incoming TCP connections being blocked have gone away, but now I'm > getting the messages shown below. Any idea what to do about them, if > anything? > > Also, Folder share says it is online, but it has stopped saying > "behind NAT". Is that to be expected since I changed the port > filtering rules? > > [INFO] Wed May 14 10:06:15 2008 Blocked incoming TCP packet from > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is > no active connection > [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from > 192.168.0.199:80 to 65.55.24.43:37154 as FIN:ACK received but there is > no active connection > [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from > 192.168.0.199:6571 to 65.55.24.43:37156 as FIN:ACK received but there > is no active connection > [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from > 192.168.0.199:443 to 65.55.24.43:37155 as FIN:ACK received but there > is no active connection > [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from > 192.168.0.199:8000 to 65.55.24.43:37157 as FIN:ACK received but there > is no active connection > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is > no active connection > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from > 65.55.24.43:37155 to xx.xx.xx.xx:443 as ACK received but there is no > active connection > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from > 65.55.24.43:37156 to xx.xx.xx.xx:6571 as ACK received but there is no > active connection > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from > 65.55.24.43:37157 to xx.xx.xx.xx:8000 as ACK received but there is no > active connection > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from > 65.55.24.43:37154 to xx.xx.xx.xx:80 as ACK received but there is no > active connection > [INFO] Wed May 14 10:06:07 2008 Blocked incoming TCP packet from > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is > no active connection > [INFO] Wed May 14 10:06:03 2008 Above message repeated 1 times > [INFO] Wed May 14 10:06:01 2008 Blocked incoming TCP packet from > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is > no active connection > [INFO] Wed May 14 10:06:01 2008 Blocked incoming TCP packet from > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is > no active connection > [INFO] Wed May 14 10:05:59 2008 Above message repeated 1 times > [INFO] Wed May 14 10:05:58 2008 Blocked outgoing TCP packet from > 192.168.0.199:1030 to 65.55.24.46:443 as PSH:ACK received but there is > no active connection > [INFO] Wed May 14 10:05:57 2008 Blocked incoming TCP packet from > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is > no active connection > [INFO] Wed May 14 10:05:56 2008 Above message repeated 1 times > [INFO] Wed May 14 10:05:56 2008 Blocked incoming TCP packet from > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is > no active connection > [INFO] Wed May 14 10:05:55 2008 Log viewed by IP address > 192.168.0.199 > [INFO] Wed May 14 10:05:55 2008 Blocked incoming TCP packet from > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is > no active connection > [INFO] Wed May 14 10:05:53 2008 Allowed configuration authentication > by IP address 192.168.0.199 > [INFO] Wed May 14 10:05:53 2008 Blocked incoming TCP packet from > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is > no active connection > [INFO] Wed May 14 10:05:50 2008 Above message repeated 1 times > [INFO] Wed May 14 10:05:48 2008 Blocked outgoing TCP packet from > 192.168.0.189:1053 to 65.55.24.49:443 as PSH:ACK received but there is > no active connection > [INFO] Wed May 14 10:05:47 2008 Blocked incoming TCP packet from > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is > no active connection > [INFO] Wed May 14 10:05:45 2008 Above message repeated 2 times > [INFO] Wed May 14 10:05:39 2008 Time synchronized >
My System Specs

05-15-2008	#8 (permalink)
Jon S n/a posts	Re: Firewall blocking msgs from Microsoft (Foldershare) On May 14, 11:56 pm, Jeremy Epling [MSFT] <JeremyEplingM...@xxxxxx> wrote: Quote: > Yes, It should stop saying Behind NAT. I am not sure how to help with the "no > active connection" issue. Sorry I can't help more. > > If you have a UPNP router and the FolderShare UPNP setting enabled, you do > not need to manually map ports. > > -- > Jeremy Epling > Lead Program Manager - Windows Live FolderShare > > "Jon S" wrote: Quote: > > On May 12, 11:09 pm, Jeremy Epling [MSFT] > > <JeremyEplingM...@xxxxxx> wrote: Quote: > > > The polling on FolderShare startup is used to determine if your client can > > > accept p2p connections from other clients. If these are negative, all file > > > transfers will go through the FolderShare relay servers which will make the > > > transfer slower and cannot handle files over 2GB. > Quote: Quote: > > > If you want the best performance when transferring files, you should allow > > > these incoming connections. > Quote: Quote: > > > -- > > > Jeremy Epling > > > Lead Program Manager - Windows Live FolderShare > Quote: Quote: > > > "Anthony R. Gold" wrote: > > > > Although its assignee does not have reverse DNS on address 65.55.24.40 it > > > > is in one of Microsoft's netblocks and those connection attempts were only > > > > to FolderShare TCP/IP service ports, so I would presume those connection > > > > attempts were both proper and benign. > Quote: Quote: > > > > CIDR: 65.52.0.0/14 > > > > NetName: MICROSOFT-1BLK > Quote: Quote: > > > > Neither FolderShare staff nor documentation have explained the benefits, if > > > > any, from allowing incoming connections. I run the program both with and > > > > without those and I never notice any difference in performance. > Quote: Quote: > > > > Tony > Quote: > > I set up Port Forwarding in my router's firewall for these particular > > port requests. At least I think I got it right. The messages about > > incoming TCP connections being blocked have gone away, but now I'm > > getting the messages shown below. Any idea what to do about them, if > > anything? > Quote: > > Also, Folder share says it is online, but it has stopped saying > > "behind NAT". Is that to be expected since I changed the port > > filtering rules? > Quote: > > [INFO] Wed May 14 10:06:15 2008 Blocked incoming TCP packet from > > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is > > no active connection > > [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from > > 192.168.0.199:80 to 65.55.24.43:37154 as FIN:ACK received but there is > > no active connection > > [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from > > 192.168.0.199:6571 to 65.55.24.43:37156 as FIN:ACK received but there > > is no active connection > > [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from > > 192.168.0.199:443 to 65.55.24.43:37155 as FIN:ACK received but there > > is no active connection > > [INFO] Wed May 14 10:06:14 2008 Blocked outgoing TCP packet from > > 192.168.0.199:8000 to 65.55.24.43:37157 as FIN:ACK received but there > > is no active connection > > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from > > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is > > no active connection > > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from > > 65.55.24.43:37155 to xx.xx.xx.xx:443 as ACK received but there is no > > active connection > > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from > > 65.55.24.43:37156 to xx.xx.xx.xx:6571 as ACK received but there is no > > active connection > > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from > > 65.55.24.43:37157 to xx.xx.xx.xx:8000 as ACK received but there is no > > active connection > > [INFO] Wed May 14 10:06:12 2008 Blocked incoming TCP packet from > > 65.55.24.43:37154 to xx.xx.xx.xx:80 as ACK received but there is no > > active connection > > [INFO] Wed May 14 10:06:07 2008 Blocked incoming TCP packet from > > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is > > no active connection > > [INFO] Wed May 14 10:06:03 2008 Above message repeated 1 times > > [INFO] Wed May 14 10:06:01 2008 Blocked incoming TCP packet from > > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is > > no active connection > > [INFO] Wed May 14 10:06:01 2008 Blocked incoming TCP packet from > > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is > > no active connection > > [INFO] Wed May 14 10:05:59 2008 Above message repeated 1 times > > [INFO] Wed May 14 10:05:58 2008 Blocked outgoing TCP packet from > > 192.168.0.199:1030 to 65.55.24.46:443 as PSH:ACK received but there is > > no active connection > > [INFO] Wed May 14 10:05:57 2008 Blocked incoming TCP packet from > > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is > > no active connection > > [INFO] Wed May 14 10:05:56 2008 Above message repeated 1 times > > [INFO] Wed May 14 10:05:56 2008 Blocked incoming TCP packet from > > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is > > no active connection > > [INFO] Wed May 14 10:05:55 2008 Log viewed by IP address > > 192.168.0.199 > > [INFO] Wed May 14 10:05:55 2008 Blocked incoming TCP packet from > > 65.55.24.46:443 to xx.xx.xx.xx:1030 as PSH:ACK received but there is > > no active connection > > [INFO] Wed May 14 10:05:53 2008 Allowed configuration authentication > > by IP address 192.168.0.199 > > [INFO] Wed May 14 10:05:53 2008 Blocked incoming TCP packet from > > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is > > no active connection > > [INFO] Wed May 14 10:05:50 2008 Above message repeated 1 times > > [INFO] Wed May 14 10:05:48 2008 Blocked outgoing TCP packet from > > 192.168.0.189:1053 to 65.55.24.49:443 as PSH:ACK received but there is > > no active connection > > [INFO] Wed May 14 10:05:47 2008 Blocked incoming TCP packet from > > 65.55.24.49:443 to xx.xx.xx.xx:1053 as PSH:ACK received but there is > > no active connection > > [INFO] Wed May 14 10:05:45 2008 Above message repeated 2 times > > [INFO] Wed May 14 10:05:39 2008 Time synchronized I do have UPNP enabled on my router. Always have had. Yet I still had to open ports to elimiinate the incoming TCP packet blockages. Hopefully somebody in the Foldershare development group will eventually figure out why I'm getting these odd PSH packets. Thanks!
My System Specs

05-19-2008	#9 (permalink)
Jon S n/a posts	Re: Firewall blocking msgs from Microsoft (Foldershare) On May 12, 11:09 pm, Jeremy Epling [MSFT] <JeremyEplingM...@xxxxxx> wrote: Quote: > The polling on FolderShare startup is used to determine if your client can > accept p2p connections from other clients. If these are negative, all file > transfers will go through the FolderShare relay servers which will make the > transfer slower and cannot handle files over 2GB. > > If you want the best performance when transferring files, you should allow > these incoming connections. > > -- > Jeremy Epling > Lead Program Manager - Windows Live FolderShare > > "Anthony R. Gold" wrote: Quote: > > Although its assignee does not have reverse DNS on address 65.55.24.40 it > > is in one of Microsoft's netblocks and those connection attempts were only > > to FolderShare TCP/IP service ports, so I would presume those connection > > attempts were both proper and benign. > Quote: > > CIDR: 65.52.0.0/14 > > NetName: MICROSOFT-1BLK > Quote: > > Neither FolderShare staff nor documentation have explained the benefits, if > > any, from allowing incoming connections. I run the program both with and > > without those and I never notice any difference in performance. > Quote: > > Tony Jeremy, I don't suppose there's any way to tell which transmission method is being used during a transfer, is there? Direct P2P versus via Relay servers? Just curious.
My System Specs

Similar Threads
Thread	Forum
firewall blocking msn messenger?	Network & Sharing
Blocking Specific Programs in Firewall	Network & Sharing
FIREWALL BLOCKING MY GAME	Vista Games
Selective IPs blocking in Vista firewall	Vista security