Potential Security Concern

I have brought this up before, but this is different. Does anyone know why a default FreeBSD 9.0-RELEASE-p3 FreeBSD 9.0-RELEASE-p3 #0: Tue Jun 12 02:52:29 UTC 2012 with Gnome2 running seeks a foreign (to me) IP address (i.e. 147.229.9.40)? This is an issue because my UNIX box seeks this address with no running network apps. My previous issue was related to the Gnome-applet; this is different and solved.

Log Rule default drop and here is the log:
Jul 17 15:55:44 kernel: ipfw: 299 Deny TCP 10.255.0.222:33815 147.229.9.40:80 out via em0
Jul 17 15:56:03 last message repeated 4 times
Jul 17 15:57:37 last message repeated 3 times
Jul 17 16:02:57 last message repeated 5 times

The contact point of the IP address is (whois):
person: Vladimir Zahorik
address: Brno University of Technology
address: Center of Computing and Information Services
address: Antoninska 1
address: Brno
address: 601 90
address: The Czech Republic

And here is the output of lsof -i:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
gnome-ses 1666 7u IPv6 --Removed--------- 0t0 TCP *:33768 (LISTEN)
gnome-ses 1666 8u IPv4 --Removed--------- 0t0 TCP *:12263 (LISTEN)
gnome-ses 1666 7u IPv6 --Removed--------- 0t0 TCP *:33768 (LISTEN)
gnome-ses 1666 8u IPv4 --Removed--------- 0t0 TCP *:12263 (LISTEN)
gnome-ses 1666 7u IPv6 --Removed--------- 0t0 TCP *:33768 (LISTEN)
gnome-ses 1666 8u IPv4 --Removed--------- 0t0 TCP *:12263 (LISTEN)

and here is the output of netstat -i:
Name Mtu Network Address Ipkts Ierrs Idrop Opkts Oerrs Coll
em0 1500 <Link#1> --Removed-- 2223 0 0 2054 0 0
em0 1500 --Removed-- --Removed-- 2153 - - 2031 - -
usbus 0 <Link#2> 0 0 0 0 0 0
usbus 0 <Link#3> 0 0 0 0 0 0
lo0 16384 <Link#4> 145 0 0 145 0 0
lo0 16384 localhost ::1 4 - - 4 - -
lo0 16384 your-net localhost 137 - - 141 - -
ipfw0 65536 <Link#5>
 
That IP belongs to update3.FreeBSD.org.

Might want to run
# freebsd-update install
to tie up possible loose ends.
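
An added example, not part of either post above: a small Python parser that totals ipfw denies per destination, crediting syslogd's "last message repeated N times" lines to the entry they compress so the real attempt count is visible. The function name and the grouping key are choices made for this example; the sample input is the log from the first post.

```python
import re
from collections import Counter

# Log lines copied from the first post above.
SAMPLE_LOG = """\
Jul 17 15:55:44 kernel: ipfw: 299 Deny TCP 10.255.0.222:33815 147.229.9.40:80 out via em0
Jul 17 15:56:03 last message repeated 4 times
Jul 17 15:57:37 last message repeated 3 times
Jul 17 16:02:57 last message repeated 5 times
"""

# Matches the TCP/UDP form of an ipfw log entry as shown in the post.
IPFW_RE = re.compile(
    r"ipfw: (?P<rule>\d+) (?P<action>\w+) (?P<proto>TCP|UDP) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"(?P<dir>in|out) via (?P<iface>\S+)"
)
REPEAT_RE = re.compile(r"last message repeated (\d+) times?")


def summarize_denies(log_text):
    """Return {(rule, proto, dst, dport, dir, iface): denied packet count}."""
    counts = Counter()
    last_key = None  # key of the immediately preceding ipfw Deny line, if any
    for line in log_text.splitlines():
        entry = IPFW_RE.search(line)
        repeat = REPEAT_RE.search(line)
        if entry and entry["action"] == "Deny":
            last_key = (entry["rule"], entry["proto"], entry["dst"],
                        int(entry["dport"]), entry["dir"], entry["iface"])
            counts[last_key] += 1
        elif repeat and last_key is not None:
            # syslogd collapsed identical lines; credit them to that entry.
            counts[last_key] += int(repeat.group(1))
        elif not repeat:
            # Some other message intervened, so a later "repeated" line
            # refers to it, not to the ipfw entry.
            last_key = None
    return dict(counts)


if __name__ == "__main__":
    for key, n in sorted(summarize_denies(SAMPLE_LOG).items(), key=lambda kv: -kv[1]):
        rule, proto, dst, dport, direction, iface = key
        print(f"rule {rule}: {n} denied {proto} {direction} via {iface} -> {dst}:{dport}")
```

Because the source port is identical across the repeats, the 13 entries are consistent with retransmitted SYNs from a small number of connection attempts rather than 13 separate connections.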
 