I have used my new laptop with LiveSafe preinstalled for a few days now. During that short period of time there have been more than 1000 strange entries in LiveSafe logs. The entries say that IP addresses from more than 40 different IP ranges have tried to access various TCP ports on my computer. These connection attemps start happening as soon as I turn on the computer, and they continue even when the computer is idle. I don't recognize these IP addresses and according to Whois data, they are located in foreign countries. Many of them belong to various cloud service companies like Amazon AWS. However, according LiveSafe logs, these IP addresses are on my local network. This is definitely not the case or should not be. The entries read as follows:
"The PC 220.127.116.11 tried to connect to TCP port 54840 on your PC without your permission. The source IP address is on your local network." This IP belongs to AWS and is located in the United States, but I am in Europe.
A few of these IP addresses that try to connect to TCP ports on my PC belong to McAfee (e.g., 18.104.22.168), yet LiveSafe logs still say that they are all on my local network. Why is LiveSafe reporting that IP addresses located in foreign countries are on my local network? What exactly does LiveSafe mean when it says that "The source IP address is on your local network"? I have nothing else on my local network than the laptop and a wireless router that connects to my ISP. Has anyone else seen such entries in LiveSafe logs?
That's an old answer too. Basically, in a nutshell, that is simply a log of what your Firewall has blocked. There is no need for any action on your part.
Most people will see those depending on how they connect to the Internet. They don't represent threats necessarily.
Mmm. Normal yes, but you miss my point.
My stationery computer is behind two routers in a chain, that mens two nats being done.
I dont see the connection Mcafee says it has blocked in my routers logs.
And the connection it reports as blocked is incoming.
I don't really get the pieces together, if McAfee is right, i have a serious problem with my two routers, else McAfee lies to the customers..
It seems that i have to put in a wireshark in between as a bridge.
You'd have to ask an expert (Support), which I am not. I'll see if I can have one answer your question here.
I would assume it looks for the Internet access point regardless of the other router and reports on "attacks" coming into that.