November 18, 2008 10:38pm pst

1. RobWill 16,600
2. dpk_wal 11,875
3. jahboite 9,000
4. lrmoore 8,900
5. uetian1707 8,530
6. giltjr 8,000
7. billwharton 7,600
8. keith_ala... 6,500
9. toniur 6,000
10. tigermatt 5,672
11. vjlp 5,650
12. Johnjces 5,500
13. Spec01 5,000
14. rsivanandan 4,900
15. mabutterfi... 4,300
16. JFrederic... 4,000
16. rslqld 4,000
16. flyingsky 4,000
19. johnb6767 3,900
20. nsx106... 3,725
21. DaveHowe 3,700
22. mwecom... 3,500
23. EricTViking 3,350
24. ahoffmann 3,100
25. Darr247 3,079

1. batry_boy 24,440
2. lrmoore 22,492
3. RobWill 21,800
4. PowerIT 18,325
5. rsivanandan 15,662
6. dpk_wal 11,875
7. uetian1707 10,530
8. giltjr 10,050
9. PeteLong 9,980
10. richrumble 9,393
11. jahboite 9,000
12. ahoffmann 8,830
13. pseudocy... 8,400
14. billwharton 8,100
15. r-k 8,032
16. Sorenson 7,500
17. toniur 7,000
17. keith_ala... 7,000
19. CoccoBill 6,275
20. decoleur 5,837
21. tigermatt 5,672
22. vjlp 5,650
23. Johnjces 5,500
24. calvinetter 5,498
25. ebjers 5,300

06.20.2008 at 10:47AM PDT, ID: 23503028

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

8.1

Router log contains "LAN access from remote" - Network intrusion?

Asked by erkwong in Network Security, Operating Systems Network Security, Internet

Tags: Router Log - Network Intrusion?

This log on my newly installed Netgear Router (firewall enabled) connected to 3 XP Boxes (Firewall enabled) and Windows server 2003 SBS (Single NIC, NO Firewall). I am concerned - have some of these connections from foreign countries [LAN Access from remote] actually succeeded?
192.168.1.6 is my server, these other IP's from which the LAN access were initiated (ie 118.165.72.203) certainly are NOT me. I looked these IP's up on http://www.dshield.org/ - these IP's are from China and UAE, etc! Please let me know what else I need to do to lock down my server.

[LAN access from remote] from 118.165.72.203:3821 to 192.168.1.6:25
Thursday, Jun 19,2008 11:28:47
[Service blocked: ICMP_echo_req] from source 71.103.203.182, Thursday,
Jun 19,2008 10:13:04
[Service blocked: ICMP_echo_req] from source 71.103.105.208, Thursday,
Jun 19,2008 08:32:36
[LAN access from remote] from 221.139.104.39:42780 to 192.168.1.6:21
Thursday, Jun 19,2008 08:28:12
[Service blocked: ICMP_echo_req] from source 71.101.195.99, Thursday,
Jun 19,2008 07:52:37
[LAN access from remote] from 83.111.63.226:12024 to 192.168.1.6:3389
Thursday, Jun 19,2008 07:24:46
[Service blocked: ICMP_echo_req] from source 71.102.223.193, Thursday,
Jun 19,2008 06:21:52
[Service blocked: ICMP_echo_req] from source 71.102.223.193, Thursday,
Jun 19,2008 05:12:25
[Service blocked: ICMP_echo_req] from source 71.105.24.141, Thursday,
Jun 19,2008 02:46:08
[Service blocked: ICMP_echo_req] from source 71.105.183.154, Thursday,
Jun 19,2008 00:46:38
[LAN access from remote] from 118.169.198.85:39293 to 192.168.1.6:25
Wednesday, Jun 18,2008 23:51:56
[Service blocked: ICMP_echo_req] from source 71.103.173.182, Wednesday,
Jun 18,2008 22:18:56
[Service blocked: ICMP_echo_req] from source 71.100.169.111, Wednesday,
Jun 18,2008 22:04:52
[LAN access from remote] from 61.225.15.213:1103 to 192.168.1.6:25
Wednesday, Jun 18,2008 19:55:15
[Service blocked: ICMP_echo_req] from source 71.102.223.193, Wednesday,
Jun 18,2008 19:16:05
[Service blocked: ICMP_echo_req] from source 71.105.183.154, Wednesday,
Jun 18,2008 18:43:30
[Service blocked: ICMP_echo_req] from source 71.105.24.141, Wednesday,
Jun 18,2008 18:24:57
[LAN access from remote] from 203.95.109.29:35737 to 192.168.1.6:21
Wednesday, Jun 18,2008 18:19:31
[Service blocked: ICMP_echo_req] from source 71.103.233.234, Wednesday,
Jun 18,2008 17:46:10
[Service blocked: ICMP_echo_req] from source 71.102.225.97, Wednesday,
Jun 18,2008 16:53:51
[LAN access from remote] from 83.111.63.226:24036 to 192.168.1.6:3389
Wednesday, Jun 18,2008 16:48:19
[Service blocked: ICMP_echo_req] from source 71.103.64.184, Wednesday,
Jun 18,2008 16:20:29
[LAN access from remote] from 118.169.196.60:59823 to 192.168.1.6:25
Wednesday, Jun 18,2008 15:01:10
[Service blocked: ICMP_echo_req] from source 71.103.212.189, Wednesday,
Jun 18,2008 14:39:56
[Service blocked: ICMP_echo_req] from source 71.105.183.154, Wednesday,
Jun 18,2008 14:22:32
[Service blocked: ICMP_echo_req] from source 71.105.24.141, Wednesday,
Jun 18,2008 14:12:51
[Service blocked: ICMP_echo_req] from source 71.101.129.82, Wednesday,
Jun 18,2008 12:43:47
[Service blocked: ICMP_echo_req] from source 71.103.212.189, Wednesday,
Jun 18,2008 12:05:19
[LAN access from remote] from 218.97.254.203:33690 to 192.168.1.6:21
Wednesday, Jun 18,2008 11:38:31
[Service blocked: ICMP_echo_req] from source 71.103.212.189, Wednesday,
Jun 18,2008 11:03:50
[Service blocked: ICMP_echo_req] from source 71.103.223.130, Wednesday,
Jun 18,2008 10:55:38
[Service blocked: ICMP_echo_req] from source 71.103.206.98, Wednesday,
Jun 18,2008 10:51:15
[Service blocked: ICMP_echo_req] from source 71.101.124.160, Wednesday,
Jun 18,2008 10:49:51
[UPnP set event: Public_UPNP_C5] from source 192.168.1.6, Wednesday, Jun
18,2008 10:11:22
[Service blocked: ICMP_echo_req] from source 71.105.24.141, Wednesday,
Jun 18,2008 10:00:08
[Service blocked: ICMP_echo_req] from source 71.103.82.66, Wednesday,
Jun 18,2008 08:34:34
[Service blocked: ICMP_echo_req] from source 71.105.24.141, Wednesday,
Jun 18,2008 05:50:58
[Service blocked: ICMP_echo_req] from source 71.100.228.109, Wednesday,
Jun 18,2008 02:50:36
[Service blocked: ICMP_echo_req] from source 71.105.24.141, Wednesday,
Jun 18,2008 01:42:08
[Service blocked: ICMP_echo_req] from source 71.103.9.190, Tuesday, Jun
17,2008 22:50:16
[Service blocked: ICMP_echo_req] from source 71.105.24.141, Tuesday, Jun
17,2008 21:32:51
[Service blocked: ICMP_echo_req] from source 71.105.191.224, Tuesday,
Jun 17,2008 21:19:16
[Service blocked: ICMP_echo_req] from source 71.105.87.184, Tuesday, Jun
17,2008 18:06:25
[Service blocked: ICMP_echo_req] from source 71.101.177.146, Tuesday,
Jun 17,2008 17:02:29
[Service blocked: ICMP_echo_req] from source 71.104.155.194, Tuesday,
Jun 17,2008 11:41:33
[Service blocked: ICMP_echo_req] from source 71.104.252.102, Tuesday,
Jun 17,2008 11:19:04
[Service blocked: ICMP_echo_req] from source 71.101.177.6, Tuesday, Jun
17,2008 11:07:08
[Service blocked: ICMP_echo_req] from source 71.105.191.224, Tuesday,
Jun 17,2008 10:00:12
[Service blocked: ICMP_echo_req] from source 71.106.187.76, Tuesday, Jun
17,2008 09:57:20
[Service blocked: ICMP_echo_req] from source 71.103.195.212, Tuesday,
Jun 17,2008 09:39:03
[Service blocked: ICMP_echo_req] from source 71.102.90.176, Tuesday, Jun
17,2008 09:01:43
[Service blocked: ICMP_echo_req] from source 71.105.24.141, Tuesday, Jun
17,2008 08:55:17
[Service blocked: ICMP_echo_req] from source 71.104.155.194, Tuesday,
Jun 17,2008 07:45:14
[Service blocked: ICMP_echo_req] from source 71.105.49.38, Tuesday, Jun
17,2008 06:58:41
[Service blocked: ICMP_echo_req] from source 71.105.24.141, Tuesday, Jun
17,2008 04:46:33
[Service blocked: ICMP_echo_req] from source 71.101.124.160, Tuesday,
Jun 17,2008 02:33:34
[Service blocked: ICMP_echo_req] from source 71.105.24.141, Tuesday, Jun
17,2008 00:43:15
[Service blocked: ICMP_echo_req] from source 71.104.155.115, Monday, Jun
16,2008 21:20:50
[Service blocked: ICMP_echo_req] from source 71.105.96.203, Monday, Jun
16,2008 20:12:23
[Service blocked: ICMP_echo_req] from source 4.79.142.206, Monday, Jun
16,2008 18:20:38Start Free Trial

Keywords: Router log contains "LAN access fro…

	Title
1	ICMP Packet
2	A DropDownList for U.S. States/C…
3	Problem sending emails to and fro China
4	Firweall - Banning foreign IP schemas…
5	broadband very slow in china
6	Foreign views , China, Russia, India

Loading Advertisement...

20080716-EE-VQP-32 / EE_QW_2_20070628

Router log contains "LAN access from remote" - Network intrusion?

Asked by erkwong in Network Security, Operating Systems Network Security, Internet

Tags: Router Log - Network Intrusion?

About this solution