Router packet storm

Every couple of daysmy routers firwall blocks thousands of these packets:
[INFO] Fri Oct 22 01:02:11 2010 Blocked outgoing TCP packet from 72.95.138.176:52078 to 209.195.152.229:80 with unexpected acknowledgement 4059630299 (expected 4059632577 to 4059698113)

How can I find out what is causing this?
whiwexAsked:
Who is Participating?
 
SouljaConnect With a Mentor Commented:
Are you hosting anything on port 80? Nevertheless, that ip address is attacking your device. Fortunately, it isn't succeeding.
0
 
SouljaCommented:
Do you know what these ip addresses are? Looks like a host accessing a website or something.
0
 
whiwexAuthor Commented:
This router is my gateway to the internet and the address belong to verizion.
0
KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

 
SouljaCommented:
Does your acl limit http outbound traffic.
0
 
whiwexAuthor Commented:
I don't have any acl setup. I'm using a dlink 724GU router. The only thing I am blocking with the routers firewall are some networks from other countrys. Otherwise I am using the defaults.
0
 
SouljaCommented:
The only thing I can come up with is the destination isn't valid. Try connecting to the site and see if it comes up. Maybe a host in your network is trying to connect to it. Could be a trojan horse or something on one of your hosts trying to hit a no longer valid destination.
0
 
whiwexAuthor Commented:
My router is the 209 address so doesn't this indicate that the router is blocking the packet from the the 72.95.138.176 which is somewhere in verizon?
0
 
SouljaCommented:
Oh, okay. I thought the 72 address was your router. Yes, this is some ip address trying to access your network on port 80.
0
 
whiwexAuthor Commented:
yes I am hosting a couple of web sites.
0
 
SouljaConnect With a Mentor Commented:
Okay, so that confirms that your firewall is just blocking strange traffic from that ip address for some apparent reason.
0
 
digitapCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.