analyse de log de routeur - Windows & Software
Marsh Posté le 11-03-2005 à 16:19:03
Bonjour, j'aurais voulu savoir si si le log suivant vous paraissais suspect en effet on retrouve assez souvent certaines IP en provenance de wanadoo ca pourrais etre tout simplement un vers mais je ne sais es ce anormal ?
Thur, 03/10/2005 12:52:26 - TCP connection dropped - Source:82.237.20.97, 1701, WAN - Destination:*MON IP*, 6101, LAN - 'Suspicious TCP Data' Thur, 03/10/2005 12:53:02 - TCP connection dropped - Source:82.253.151.141, 4731, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Thur, 03/10/2005 12:54:38 - TCP connection dropped - Source:82.149.191.165, 4389, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Thur, 03/10/2005 12:56:48 - TCP connection dropped - Source:141.213.11.238, 3629, WAN - Destination:*MON IP*, 3410, LAN - 'Suspicious TCP Data' Thur, 03/10/2005 13:08:04 - TCP connection dropped - Source:82.224.108.12, 4340, WAN - Destination:*MON IP*, 17771, LAN - 'Suspicious TCP Data' Thur, 03/10/2005 13:11:08 - TCP connection dropped - Source:82.43.164.105, 1935, WAN - Destination:*MON IP*, 1025, LAN - 'Suspicious TCP Data' Thur, 03/10/2005 13:17:16 - TCP connection dropped - Source:82.127.19.188, 2755, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Thur, 03/10/2005 13:21:42 - TCP connection dropped - Source:82.127.19.188, 4193, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Thur, 03/10/2005 13:31:52 - TCP connection dropped - Source:218.62.8.70, 3701, WAN - Destination:*MON IP*, 22, LAN - 'SSH' Thur, 03/10/2005 13:59:58 - TCP connection dropped - Source:80.189.231.116, 3972, WAN - Destination:*MON IP*, 17300, LAN - 'Suspicious TCP Data' Thur, 03/10/2005 14:09:26 - TCP connection dropped - Source:82.228.144.70, 2060, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Thur, 03/10/2005 14:11:44 - TCP connection dropped - Source:82.127.141.33, 1887, WAN - Destination:*MON IP*, 1025, LAN - 'Suspicious TCP Data' Thur, 03/10/2005 14:11:44 - TCP connection dropped - Source:82.127.141.33, 1890, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Thur, 03/10/2005 14:11:46 - TCP connection dropped - Source:82.127.141.33, 1890, WAN - Destination:*MON IP*, 139, LAN - 'Possible Port Scan' Thur, 03/10/2005 14:11:54 - TCP connection dropped - Source:82.53.144.161, 3278, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Thur, 03/10/2005 14:15:26 - UDP packet dropped - Source:83.192.56.89, 3008, WAN - Destination:*MON IP*, 135, LAN - 'Suspicious UDP Data' Thur, 03/10/2005 14:23:44 - UDP packet dropped - Source:218.200.176.30, 1124, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data' Thur, 03/10/2005 14:23:44 - TCP connection dropped - Source:82.52.61.118, 3925, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Thur, 03/10/2005 14:27:14 - TCP connection dropped - Source:82.232.84.131, 4234, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Thur, 03/10/2005 14:36:42 - TCP connection dropped - Source:217.219.145.9, 3228, WAN - Destination:*MON IP*, 21, LAN - 'FTP-ctrl' Thur, 03/10/2005 14:52:16 - TCP connection dropped - Source:82.127.139.63, 4083, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Thur, 03/10/2005 14:52:58 - TCP connection dropped - Source:82.157.86.159, 1676, WAN - Destination:*MON IP*, 2745, LAN - 'Suspicious TCP Data' Thur, 03/10/2005 15:03:34 - UDP packet dropped - Source:195.89.58.57, 27327, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data' Thur, 03/10/2005 15:03:36 - UDP packet dropped - Source:195.67.4.11, 16804, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data' Thur, 03/10/2005 15:03:58 - UDP packet dropped - Source:165.146.6.246, 4412, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data' Thur, 03/10/2005 15:11:20 - TCP connection dropped - Source:82.236.189.60, 1690, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Thur, 03/10/2005 15:21:12 - UDP packet dropped - Source:218.83.153.58, 60048, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data' Thur, 03/10/2005 15:24:44 - TCP connection dropped - Source:60.34.186.120, 1057, WAN - Destination:*MON IP*, 5554, LAN - 'Suspicious TCP Data' Thur, 03/10/2005 15:34:18 - UDP packet dropped - Source67.126.194.45, 2893, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Thur, 03/10/2005 21:03:28 - UDP packet dropped - Source:196.33.25.190, 29756, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data' Thur, 03/10/2005 21:03:30 - UDP packet dropped - Source:195.28.16.108, 13759, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data' Thur, 03/10/2005 21:14:00 - TCP connection dropped - Source:211.193.128.140, 2322, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data' Thur, 03/10/2005 21:22:16 - TCP connection dropped - Source:218.147.68.125, 4009, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data' Thur, 03/10/2005 22:05:00 - TCP connection dropped - Source:80.132.181.254, 1727, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data' Thur, 03/10/2005 22:47:56 - TCP connection dropped - Source:61.231.58.201, 3891, WAN - Destination:*MON IP*, 1080, LAN - 'socks proxy' Thur, 03/10/2005 23:04:46 - TCP connection dropped - Source:218.59.36.38, 4530, WAN - Destination:*MON IP*, 21, LAN - 'FTP-ctrl' Thur, 03/10/2005 23:26:38 - UDP packet dropped - Source:218.83.153.58, 38671, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data' Thur, 03/10/2005 23:44:42 - TCP connection dropped - Source:221.141.160.206, 3692, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data' Fri, 03/11/2005 00:02:22 - UDP packet dropped - Source:82.127.182.15, 1025, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 00:03:26 - UDP packet dropped - Source:195.185.56.245, 22449, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 00:03:26 - UDP packet dropped - Source:195.24.233.157, 16439, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 00:03:30 - Successful administrator login - Source:192.168.1.10, 2749, LAN - Destination:192.168.1.123, 80, LAN Fri, 03/11/2005 09:05:58 - TCP connection dropped - Source:211.200.247.81, 1210, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data' Fri, 03/11/2005 09:06:28 - TCP connection dropped - Source:202.103.213.38, 7000, WAN - Destination:*MON IP*, 13351, LAN - 'Suspicious TCP Data' Fri, 03/11/2005 09:11:00 - The Login expires after 192.168.1.10 idles for 5 minutes. Fri, 03/11/2005 09:16:04 - TCP connection dropped - Source:64.173.8.106, 18366, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data' Fri, 03/11/2005 09:25:34 - TCP connection dropped - Source:61.254.233.71, 4398, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data' Fri, 03/11/2005 09:35:04 - TCP connection dropped - Source:218.19.155.151, 61999, WAN - Destination:*MON IP*, 8080, LAN - 'WEB proxy' Fri, 03/11/2005 09:35:04 - TCP connection dropped - Source:218.19.155.151, 64535, WAN - Destination:*MON IP*, 80, LAN - 'WEB' Fri, 03/11/2005 10:04:02 - UDP packet dropped - Source:202.99.170.59, 1219, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 10:06:16 - TCP connection dropped - Source:193.55.120.160, 1689, WAN - Destination:*MON IP*, 21, LAN - 'FTP-ctrl' Fri, 03/11/2005 10:17:40 - TCP connection dropped - Source:82.127.19.188, 3027, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 10:27:06 - UDP packet dropped - Source:211.126.156.135, 3283, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 10:35:56 - TCP connection dropped - Source:82.127.19.188, 4376, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 10:50:20 - TCP connection dropped - Source:82.127.19.188, 1614, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 11:02:48 - TCP connection dropped - Source:82.127.19.188, 2110, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 11:07:23 - TCP connection dropped - Source:82.127.19.188, 4278, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 11:15:37 - UDP packet dropped - Source:202.9.178.33, 1139, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 11:25:35 - UDP packet dropped - Source:82.127.163.18, 1034, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 11:36:27 - UDP packet dropped - Source:82.127.163.18, 1033, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 11:44:39 - TCP connection dropped - Source:82.127.19.188, 1178, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 11:47:11 - TCP connection dropped - Source:211.238.89.217, 2545, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data' Fri, 03/11/2005 12:01:33 - UDP packet dropped - Source:82.54.155.182, 3060, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 12:02:19 - TCP connection dropped - Source:82.127.19.188, 1323, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 12:03:27 - UDP packet dropped - Source:195.123.108.168, 11323, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 12:03:27 - UDP packet dropped - Source:195.230.230.20, 21247, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 12:04:59 - TCP connection dropped - Source:82.127.163.101, 4923, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 12:09:37 - UDP packet dropped - Source:219.149.41.131, 2306, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 12:09:59 - TCP connection dropped - Source:82.127.19.188, 1485, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 12:12:53 - UDP packet dropped - Source:82.54.155.182, 3057, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 12:25:17 - TCP connection dropped - Source:211.49.230.112, 3510, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data' Fri, 03/11/2005 12:34:25 - TCP connection dropped - Source:82.127.19.188, 2378, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 12:35:53 - TCP connection dropped - Source:24.31.173.85, 2373, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data' Fri, 03/11/2005 12:44:23 - TCP connection dropped - Source:82.127.248.35, 1420, WAN - Destination:*MON IP*, 1025, LAN - 'Suspicious TCP Data' Fri, 03/11/2005 12:47:25 - TCP connection dropped - Source:82.127.19.188, 3217, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 12:51:47 - UDP packet dropped - Source:216.26.148.5, 15448, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 12:52:39 - TCP connection dropped - Source:82.127.150.144, 2856, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 12:53:27 - TCP connection dropped - Source:82.127.19.188, 2091, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 13:08:21 - TCP connection dropped - Source:82.127.150.144, 3320, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 13:14:51 - TCP connection dropped - Source:82.127.19.188, 1551, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 13:21:23 - TCP connection dropped - Source:82.127.19.188, 2241, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 13:28:01 - TCP connection dropped - Source:82.172.30.156, 4177, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 13:31:21 - UDP packet dropped - Source:210.254.80.80, 1450, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 13:38:55 - TCP connection dropped - Source:82.127.19.188, 2524, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 13:39:29 - TCP connection dropped - Source:82.127.210.65, 3045, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 13:45:51 - TCP connection dropped - Source:82.127.19.188, 1113, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 13:49:35 - TCP connection dropped - Source:222.117.17.117, 3203, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data' Fri, 03/11/2005 13:50:35 - TCP connection dropped - Source:82.127.196.59, 2150, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 13:52:29 - TCP connection dropped - Source:82.127.19.188, 4690, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 13:57:05 - TCP connection dropped - Source:82.127.19.188, 3156, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 14:00:57 - TCP connection dropped - Source:211.22.89.250, 4801, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data' Fri, 03/11/2005 14:02:43 - TCP connection dropped - Source:82.127.19.188, 2539, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 14:09:55 - TCP connection dropped - Source:82.127.19.188, 2770, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 14:22:47 - TCP connection dropped - Source:218.246.95.127, 2415, WAN - Destination:*MON IP*, 8080, LAN - 'WEB proxy' Fri, 03/11/2005 14:34:17 - UDP packet dropped - Source:82.123.67.226, 3283, WAN - Destination:*MON IP*, 3283, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 14:48:25 - TCP connection dropped - Source:82.127.19.188, 1870, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 14:54:53 - TCP connection dropped - Source:82.127.19.188, 3900, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 14:57:17 - TCP connection dropped - Source:82.252.245.120, 3539, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 15:03:21 - UDP packet dropped - Source:195.175.122.71, 22852, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 15:03:23 - UDP packet dropped - Source:195.21.193.234, 6445, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 15:21:07 - TCP connection dropped - Source:82.127.19.188, 3852, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 15:27:35 - TCP connection dropped - Source:82.127.19.188, 2318, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 15:30:11 - UDP packet dropped - Source:202.99.177.56, 1038, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 15:33:07 - TCP connection dropped - Source:82.127.19.188, 4857, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 15:37:47 - TCP connection dropped - Source:82.127.19.188, 3779, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 15:38:15 - TCP connection dropped - Source:82.237.191.147, 2808, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 15:40:11 - TCP connection dropped - Source:82.51.186.222, 4241, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 15:52:07 - TCP connection dropped - Source:217.107.19.63, 2336, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data' Fri, 03/11/2005 15:59:15 - TCP connection dropped - Source:82.127.19.188, 3842, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 16:03:25 - Successful administrator login - Source:192.168.1.10, 3506, LAN - Destination:192.168.1.123, 80, LAN Fri, 03/11/2005 16:07:27 - TCP connection dropped - Source:82.127.19.188, 1150, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS' Fri, 03/11/2005 16:08:05 - UDP packet dropped - Source:61.159.62.142, 1083, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data' Fri, 03/11/2005 16:09:15 - The Login expires after 192.168.1.10 idles for 5 minutes. Fri, 03/11/2005 16:14:21 - Successful administrator login - Source:192.168.1.107, 3791, LAN - Destination:192.168.1.123, 80, LAN End of Log ----------
Marsh Posté le 11-03-2005 à 20:32:39
ton routeur le bloque ? bon bah alors pourquoi tu veux te prendre la tete a savoir d'ou ca viens ca peut etre n'importe quoi.
Marsh Posté le 11-03-2005 à 20:42:07
ok merci
Make sure you enter the(*)required information where indicate.HTML code is not allowed
Marsh Posté le 11-03-2005 à 16:19:03
Bonjour,
j'aurais voulu savoir si si le log suivant vous paraissais suspect
en effet on retrouve assez souvent certaines IP en provenance de wanadoo
ca pourrais etre tout simplement un vers mais je ne sais
es ce anormal ?
Thur, 03/10/2005 12:52:26 - TCP connection dropped - Source:82.237.20.97, 1701, WAN - Destination:*MON IP*, 6101, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 12:53:02 - TCP connection dropped - Source:82.253.151.141, 4731, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 12:54:38 - TCP connection dropped - Source:82.149.191.165, 4389, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 12:56:48 - TCP connection dropped - Source:141.213.11.238, 3629, WAN - Destination:*MON IP*, 3410, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 13:08:04 - TCP connection dropped - Source:82.224.108.12, 4340, WAN - Destination:*MON IP*, 17771, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 13:11:08 - TCP connection dropped - Source:82.43.164.105, 1935, WAN - Destination:*MON IP*, 1025, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 13:17:16 - TCP connection dropped - Source:82.127.19.188, 2755, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 13:21:42 - TCP connection dropped - Source:82.127.19.188, 4193, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 13:31:52 - TCP connection dropped - Source:218.62.8.70, 3701, WAN - Destination:*MON IP*, 22, LAN - 'SSH'
Thur, 03/10/2005 13:59:58 - TCP connection dropped - Source:80.189.231.116, 3972, WAN - Destination:*MON IP*, 17300, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 14:09:26 - TCP connection dropped - Source:82.228.144.70, 2060, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 14:11:44 - TCP connection dropped - Source:82.127.141.33, 1887, WAN - Destination:*MON IP*, 1025, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 14:11:44 - TCP connection dropped - Source:82.127.141.33, 1890, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 14:11:46 - TCP connection dropped - Source:82.127.141.33, 1890, WAN - Destination:*MON IP*, 139, LAN - 'Possible Port Scan'
Thur, 03/10/2005 14:11:54 - TCP connection dropped - Source:82.53.144.161, 3278, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 14:15:26 - UDP packet dropped - Source:83.192.56.89, 3008, WAN - Destination:*MON IP*, 135, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 14:23:44 - UDP packet dropped - Source:218.200.176.30, 1124, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 14:23:44 - TCP connection dropped - Source:82.52.61.118, 3925, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 14:27:14 - TCP connection dropped - Source:82.232.84.131, 4234, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 14:36:42 - TCP connection dropped - Source:217.219.145.9, 3228, WAN - Destination:*MON IP*, 21, LAN - 'FTP-ctrl'
Thur, 03/10/2005 14:52:16 - TCP connection dropped - Source:82.127.139.63, 4083, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 14:52:58 - TCP connection dropped - Source:82.157.86.159, 1676, WAN - Destination:*MON IP*, 2745, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 15:03:34 - UDP packet dropped - Source:195.89.58.57, 27327, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 15:03:36 - UDP packet dropped - Source:195.67.4.11, 16804, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 15:03:58 - UDP packet dropped - Source:165.146.6.246, 4412, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 15:11:20 - TCP connection dropped - Source:82.236.189.60, 1690, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 15:21:12 - UDP packet dropped - Source:218.83.153.58, 60048, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 15:24:44 - TCP connection dropped - Source:60.34.186.120, 1057, WAN - Destination:*MON IP*, 5554, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 15:34:18 - UDP packet dropped - Source67.126.194.45, 2893, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Thur, 03/10/2005 21:03:28 - UDP packet dropped - Source:196.33.25.190, 29756, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 21:03:30 - UDP packet dropped - Source:195.28.16.108, 13759, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 21:14:00 - TCP connection dropped - Source:211.193.128.140, 2322, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 21:22:16 - TCP connection dropped - Source:218.147.68.125, 4009, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 22:05:00 - TCP connection dropped - Source:80.132.181.254, 1727, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Thur, 03/10/2005 22:47:56 - TCP connection dropped - Source:61.231.58.201, 3891, WAN - Destination:*MON IP*, 1080, LAN - 'socks proxy'
Thur, 03/10/2005 23:04:46 - TCP connection dropped - Source:218.59.36.38, 4530, WAN - Destination:*MON IP*, 21, LAN - 'FTP-ctrl'
Thur, 03/10/2005 23:26:38 - UDP packet dropped - Source:218.83.153.58, 38671, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data'
Thur, 03/10/2005 23:44:42 - TCP connection dropped - Source:221.141.160.206, 3692, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 00:02:22 - UDP packet dropped - Source:82.127.182.15, 1025, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 00:03:26 - UDP packet dropped - Source:195.185.56.245, 22449, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 00:03:26 - UDP packet dropped - Source:195.24.233.157, 16439, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 00:03:30 - Successful administrator login - Source:192.168.1.10, 2749, LAN - Destination:192.168.1.123, 80, LAN
Fri, 03/11/2005 09:05:58 - TCP connection dropped - Source:211.200.247.81, 1210, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 09:06:28 - TCP connection dropped - Source:202.103.213.38, 7000, WAN - Destination:*MON IP*, 13351, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 09:11:00 - The Login expires after 192.168.1.10 idles for 5 minutes.
Fri, 03/11/2005 09:16:04 - TCP connection dropped - Source:64.173.8.106, 18366, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 09:25:34 - TCP connection dropped - Source:61.254.233.71, 4398, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 09:35:04 - TCP connection dropped - Source:218.19.155.151, 61999, WAN - Destination:*MON IP*, 8080, LAN - 'WEB proxy'
Fri, 03/11/2005 09:35:04 - TCP connection dropped - Source:218.19.155.151, 64535, WAN - Destination:*MON IP*, 80, LAN - 'WEB'
Fri, 03/11/2005 10:04:02 - UDP packet dropped - Source:202.99.170.59, 1219, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 10:06:16 - TCP connection dropped - Source:193.55.120.160, 1689, WAN - Destination:*MON IP*, 21, LAN - 'FTP-ctrl'
Fri, 03/11/2005 10:17:40 - TCP connection dropped - Source:82.127.19.188, 3027, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 10:27:06 - UDP packet dropped - Source:211.126.156.135, 3283, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 10:35:56 - TCP connection dropped - Source:82.127.19.188, 4376, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 10:50:20 - TCP connection dropped - Source:82.127.19.188, 1614, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 11:02:48 - TCP connection dropped - Source:82.127.19.188, 2110, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 11:07:23 - TCP connection dropped - Source:82.127.19.188, 4278, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 11:15:37 - UDP packet dropped - Source:202.9.178.33, 1139, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 11:25:35 - UDP packet dropped - Source:82.127.163.18, 1034, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 11:36:27 - UDP packet dropped - Source:82.127.163.18, 1033, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 11:44:39 - TCP connection dropped - Source:82.127.19.188, 1178, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 11:47:11 - TCP connection dropped - Source:211.238.89.217, 2545, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 12:01:33 - UDP packet dropped - Source:82.54.155.182, 3060, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 12:02:19 - TCP connection dropped - Source:82.127.19.188, 1323, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 12:03:27 - UDP packet dropped - Source:195.123.108.168, 11323, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 12:03:27 - UDP packet dropped - Source:195.230.230.20, 21247, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 12:04:59 - TCP connection dropped - Source:82.127.163.101, 4923, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 12:09:37 - UDP packet dropped - Source:219.149.41.131, 2306, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 12:09:59 - TCP connection dropped - Source:82.127.19.188, 1485, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 12:12:53 - UDP packet dropped - Source:82.54.155.182, 3057, WAN - Destination:*MON IP*, 137, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 12:25:17 - TCP connection dropped - Source:211.49.230.112, 3510, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 12:34:25 - TCP connection dropped - Source:82.127.19.188, 2378, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 12:35:53 - TCP connection dropped - Source:24.31.173.85, 2373, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 12:44:23 - TCP connection dropped - Source:82.127.248.35, 1420, WAN - Destination:*MON IP*, 1025, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 12:47:25 - TCP connection dropped - Source:82.127.19.188, 3217, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 12:51:47 - UDP packet dropped - Source:216.26.148.5, 15448, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 12:52:39 - TCP connection dropped - Source:82.127.150.144, 2856, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 12:53:27 - TCP connection dropped - Source:82.127.19.188, 2091, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:08:21 - TCP connection dropped - Source:82.127.150.144, 3320, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:14:51 - TCP connection dropped - Source:82.127.19.188, 1551, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:21:23 - TCP connection dropped - Source:82.127.19.188, 2241, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:28:01 - TCP connection dropped - Source:82.172.30.156, 4177, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:31:21 - UDP packet dropped - Source:210.254.80.80, 1450, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 13:38:55 - TCP connection dropped - Source:82.127.19.188, 2524, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:39:29 - TCP connection dropped - Source:82.127.210.65, 3045, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:45:51 - TCP connection dropped - Source:82.127.19.188, 1113, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:49:35 - TCP connection dropped - Source:222.117.17.117, 3203, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 13:50:35 - TCP connection dropped - Source:82.127.196.59, 2150, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:52:29 - TCP connection dropped - Source:82.127.19.188, 4690, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 13:57:05 - TCP connection dropped - Source:82.127.19.188, 3156, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 14:00:57 - TCP connection dropped - Source:211.22.89.250, 4801, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 14:02:43 - TCP connection dropped - Source:82.127.19.188, 2539, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 14:09:55 - TCP connection dropped - Source:82.127.19.188, 2770, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 14:22:47 - TCP connection dropped - Source:218.246.95.127, 2415, WAN - Destination:*MON IP*, 8080, LAN - 'WEB proxy'
Fri, 03/11/2005 14:34:17 - UDP packet dropped - Source:82.123.67.226, 3283, WAN - Destination:*MON IP*, 3283, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 14:48:25 - TCP connection dropped - Source:82.127.19.188, 1870, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 14:54:53 - TCP connection dropped - Source:82.127.19.188, 3900, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 14:57:17 - TCP connection dropped - Source:82.252.245.120, 3539, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 15:03:21 - UDP packet dropped - Source:195.175.122.71, 22852, WAN - Destination:*MON IP*, 1026, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 15:03:23 - UDP packet dropped - Source:195.21.193.234, 6445, WAN - Destination:*MON IP*, 1027, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 15:21:07 - TCP connection dropped - Source:82.127.19.188, 3852, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 15:27:35 - TCP connection dropped - Source:82.127.19.188, 2318, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 15:30:11 - UDP packet dropped - Source:202.99.177.56, 1038, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 15:33:07 - TCP connection dropped - Source:82.127.19.188, 4857, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 15:37:47 - TCP connection dropped - Source:82.127.19.188, 3779, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 15:38:15 - TCP connection dropped - Source:82.237.191.147, 2808, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 15:40:11 - TCP connection dropped - Source:82.51.186.222, 4241, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 15:52:07 - TCP connection dropped - Source:217.107.19.63, 2336, WAN - Destination:*MON IP*, 4899, LAN - 'Suspicious TCP Data'
Fri, 03/11/2005 15:59:15 - TCP connection dropped - Source:82.127.19.188, 3842, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 16:03:25 - Successful administrator login - Source:192.168.1.10, 3506, LAN - Destination:192.168.1.123, 80, LAN
Fri, 03/11/2005 16:07:27 - TCP connection dropped - Source:82.127.19.188, 1150, WAN - Destination:*MON IP*, 139, LAN - 'NetBIOS'
Fri, 03/11/2005 16:08:05 - UDP packet dropped - Source:61.159.62.142, 1083, WAN - Destination:*MON IP*, 1434, LAN - 'Suspicious UDP Data'
Fri, 03/11/2005 16:09:15 - The Login expires after 192.168.1.10 idles for 5 minutes.
Fri, 03/11/2005 16:14:21 - Successful administrator login - Source:192.168.1.107, 3791, LAN - Destination:192.168.1.123, 80, LAN
End of Log ----------