router log

Can anyone help me interpret these logs and determine a plan of action?  One says ACCESS PERMITTED.  The source is a 66. IP. The other is an ATTACK  and the source is my domain?  The ATTACK destination is 75. IP  The 192. IP is my domain, I think.  That number matches up, except for the last 3 digits.

17  2010-09-08 09:48:57 Firewall rule match: TCP (W to L, rule:1) 66.162.203.122:8093 192.168.10.21:80 ACCESS PERMITTED

18  2010-09-08 09:23:54 ip spoofing - WAN TCP (W to W/ZW) 192.168.10.102:80 75.109.218.9:12551 ATTACK
rodynetworkAsked:
Who is Participating?
 
Rick_O_ShayConnect With a Mentor Commented:
The first one is saying you are allowing outside access to a web server at 192.168.10.21. If that is not expected you need to change your firewall rules.

The second one is saying something on the outside is trying to fool your router by using an inside address.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.