?
Solved

router log

Posted on 2010-09-08
1
Medium Priority
?
328 Views
Last Modified: 2012-05-10
Can anyone help me interpret these logs and determine a plan of action?  One says ACCESS PERMITTED.  The source is a 66. IP. The other is an ATTACK  and the source is my domain?  The ATTACK destination is 75. IP  The 192. IP is my domain, I think.  That number matches up, except for the last 3 digits.

17  2010-09-08 09:48:57 Firewall rule match: TCP (W to L, rule:1) 66.162.203.122:8093 192.168.10.21:80 ACCESS PERMITTED

18  2010-09-08 09:23:54 ip spoofing - WAN TCP (W to W/ZW) 192.168.10.102:80 75.109.218.9:12551 ATTACK
0
Comment
Question by:rodynetwork
1 Comment
 
LVL 21

Accepted Solution

by:
Rick_O_Shay earned 1000 total points
ID: 33629315
The first one is saying you are allowing outside access to a web server at 192.168.10.21. If that is not expected you need to change your firewall rules.

The second one is saying something on the outside is trying to fool your router by using an inside address.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
With more and more companies allowing their employees to work remotely, it begs the question: What are some of the security risks involved with remote employees and what actions should we take to secure them?
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question