Solved

router log

Posted on 2010-09-08
1
298 Views
Last Modified: 2012-05-10
Can anyone help me interpret these logs and determine a plan of action?  One says ACCESS PERMITTED.  The source is a 66. IP. The other is an ATTACK  and the source is my domain?  The ATTACK destination is 75. IP  The 192. IP is my domain, I think.  That number matches up, except for the last 3 digits.

17  2010-09-08 09:48:57 Firewall rule match: TCP (W to L, rule:1) 66.162.203.122:8093 192.168.10.21:80 ACCESS PERMITTED

18  2010-09-08 09:23:54 ip spoofing - WAN TCP (W to W/ZW) 192.168.10.102:80 75.109.218.9:12551 ATTACK
0
Comment
Question by:rodynetwork
1 Comment
 
LVL 21

Accepted Solution

by:
Rick_O_Shay earned 250 total points
ID: 33629315
The first one is saying you are allowing outside access to a web server at 192.168.10.21. If that is not expected you need to change your firewall rules.

The second one is saying something on the outside is trying to fool your router by using an inside address.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question