Have a quick question, I have dug around a bit and not really come up with anything. I have a customer who is getting hammered by the same IP address which resolves back to engbox.tellurian.net. Seems to be an ICMP packet.
I don't think this is legitimate traffic coming into their office, but then again the IP never changes. Below is the log excerpt....it just continually repeats itself for pages.
10/15/2010 22:32:55.656 - ICMP packet dropped - 220.127.116.11, 8, WAN - (my customer IP), 0, WAN - ICMP Type: 8, Code: 0
Anyone know what this is? Should it be allowed to pass through? All the other customers with pro 2040 firewalls don't have this traffic.