Multicast - external modems beating down my door

[mudmanc4]

I've not had much experience with multicast, never really had a direct issue to deal with it at this point.

So I've read ietf's report which left me with a much better understanding.

At the same time , the reason I started looking into this, is my local firewall appliance is showing steady and constant attempts to infiltrate the the internal network.

Recognising the offending IP sets, this is hundreds, in fact the entire subset attempting to access. Ha you say , must be the ISP implementation to collectively control their networks -- yuuk !!? !!!

Since as i understand this, IGMP exists above or outside of the network layer , what could these attempts be used for. I have a few theories, but this is the wrong section of the forum to go into that lol

My question to those in the know on this subject, what if anything will I lose by blocking these pings, in fact it's scanning ports as well , generally on :64 , at the same time , I see trillions of attempt on many lower ports, which is my concern. As port 64 as well s many lower ports, are used to easily infiltrate and inject {place something disgusting here}

Below is just a few, you can see by the time stamps. And at this time only one IP is hitting me, where many times it's a steady barrage .

[techevang]

What you have to remeber, is that address range exists outside of the globaly registerable address'es. Lots of different people do different things with them on different networks / subnets. They wont necessarily follow port conventions that are used on the wider web. Sorry If you already knew that, its not completely clear from your post

I doubt its anything directly nefarious! Why not have a look with wireshark or something?

[mudmanc4]

No, thank you I really have not dealt with this at all. So any info is more then welcomed.

My only knowledge is the short research I've done to have a clue how to word my question.

As you can see in the SH, this is a constant bombardment, as you say this is likely not anyone tryig anything bad, I cannot prove that. As everything has it's purpose, until i find it's purpose , while the firewall is already flagging it by my default settings, gives me a reason to question it.

And I used just about everything I have , but the firewall is blocking it from getting inside, so unless I reconfigure things I wont be able to see what it's attempting.

I like my networks to be clear and clean of 'static' or unwarranted useless noise. In fact last time I contacted ISP support they informed me they would not support anything until I removed 'whatever firewall is blocking them from getting in' , which I did get a kick out of. Why they would want 'in' past the modem is beyond me, then again I'm no cable tech either.