port being attacked? or spyware?
when i connect to some people via p2p chat, i get hit on two distinct ports which are not being used for the p2p chat connection. I get 3-6 packets every 1 second, rather annoying to know something is sending you unwanted packets. The source computers are the same, but the source ports differ, but their destination is always the same two ports on my computer. They are UDP packets, so while I can capture info with wireshark, i don't know how to read it meaningfully. If their computer has spyware or a trojan, could that be the culprit? their anti-virus/anti-spyware doesn't seem to be able to find something is wrong, and they don't know much about computers....
so, if my firewall is constantly blocking those ports, is there a chance that too many packets came at the same time, and something got past the firewall? how many packets per second can iptables filter before it lets unchecked packets thru? And how to read what the UDP packet actually contains?