Router Log

Palooka · #1 19th October 2009, 11:56 PM

Hello all. I'd welcome some advice here.

I acquired a new home wireless router a few days ago.

Having configured it, I set it up to email me its logs periodically.
Here is the first:

<Log Starts>
Oct 19 21:52:24 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:52:20 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:51:52 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:51:48 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:51:19 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:51:15 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:50:49 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:50:45 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:50:19 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:50:15 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:49:49 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:49:45 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:48:49 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:48:45 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:48:16 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:48:12 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:47:46 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:47:41 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:47:13 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:47:09 | Drop PING request from WAN (ip:99.195.134.66).
Oct 19 21:09:03 | Drop PING request from WAN (ip:201.161.63.135).
Oct 19 21:09:01 | Drop PING request from WAN (ip:201.161.63.135).
Oct 19 20:59:18 | Drop TCP packet from WAN (src:67.212.81.186:60181, dst:82.29.124.244:80) by default rule.
Oct 19 19:42:37 | DHCP: Server sending ACK to 192.168.1.101. (Lease time = 604800)
Oct 19 19:42:37 | DHCP: Server receive REQUEST from 00:1f:3a:bb:47:20.
Oct 19 18:23:34 | Drop PING request from WAN (ip:72.191.212.107).
Oct 19 15:59:18 | Drop PING request from WAN (ip:207.248.57.7).
Oct 19 15:59:16 | Drop PING request from WAN (ip:207.248.57.7).
Oct 19 13:56:11 | Drop PING request from WAN (ip:187.67.99.204).
Oct 19 13:56:09 | Drop PING request from WAN (ip:187.67.99.204).
Oct 19 13:41:44 | Drop PING request from WAN (ip:221.115.182.85).
Oct 19 13:41:42 | Drop PING request from WAN (ip:221.115.182.85).
Oct 19 11:19:56 | Drop PING request from WAN (ip:202.106.106.160).
Oct 19 10:19:39 | Drop PING request from WAN (ip:202.106.106.160).
Oct 19 09:59:29 | Drop PING request from WAN (ip:59.126.186.28).
Oct 19 09:59:27 | Drop PING request from WAN (ip:59.126.186.28).
Oct 19 08:50:51 | Drop TCP packet from WAN (src:121.14.229.199:6000, dst:82.29.124.244:80) by default rule.
Oct 19 06:37:52 | Drop PING request from WAN (ip:219.141.242.134).
Oct 19 06:31:05 | Drop TCP packet from WAN (src:121.14.229.199:6000, dst:82.29.124.244:80) by default rule.
Oct 19 04:14:48 | Drop TCP packet from WAN (src:121.14.229.199:6000, dst:82.29.124.244:80) by default rule.
Oct 19 00:52:10 | Drop PING request from WAN (ip:24.156.114.59).
Oct 19 00:52:08 | Drop PING request from WAN (ip:24.156.114.59).
Oct 19 00:18:55 | Drop PING request from WAN (ip:59.44.98.22).
Oct 18 23:14:19 | Drop TCP packet from WAN (src:221.130.191.222:33421, dst:82.29.124.244:80) by default rule.
Oct 18 23:14:16 | Drop TCP packet from WAN (src:221.130.191.222:33421, dst:82.29.124.244:80) by default rule.
Oct 18 22:18:06 | Drop TCP packet from WAN (src:67.219.60.70:48763, dst:82.29.124.244:80) by default rule.
Oct 18 22:18:03 | Drop TCP packet from WAN (src:67.219.60.70:48763, dst:82.29.124.244:80) by default rule.
Oct 18 22:06:53 | Drop PING request from WAN (ip:218.235.104.78).
Oct 18 22:06:51 | Drop PING request from WAN (ip:218.235.104.78).
Oct 18 21:57:54 | Drop PING request from WAN (ip:222.95.162.240).
Oct 18 21:57:52 | Drop PING request from WAN (ip:222.95.162.240).
Oct 18 19:59:45 | Drop PING request from WAN (ip:202.106.106.160).
Oct 18 19:46:07 | Drop PING request from WAN (ip:82.29.123.36).
Oct 18 18:47:17 | Drop TCP packet from WAN (src:122.227.164.96:12200, dst:82.29.124.244:80) by default rule.
Oct 18 18:29:52 | Drop PING request from WAN (ip:202.106.106.160).
Oct 18 16:04:28 | Drop PING request from WAN (ip:189.49.213.38).
Oct 18 16:04:25 | Drop PING request from WAN (ip:189.49.213.38).
Oct 18 15:59:10 | Drop PING request from WAN (ip:202.106.106.160).
Oct 18 14:45:06 | Drop TCP packet from WAN (src:61.156.31.20:6000, dst:82.29.124.244:80) by default rule.
Oct 18 14:01:56 | Drop TCP packet from WAN (src:86.144.217.65:58841, dst:82.29.124.244:80) by default rule.
Oct 18 14:01:50 | Drop TCP packet from WAN (src:86.144.217.65:58841, dst:82.29.124.244:80) by default rule.
Oct 18 14:01:47 | Drop TCP packet from WAN (src:86.144.217.65:58841, dst:82.29.124.244:80) by default rule.
Oct 18 13:42:45 | Drop TCP packet from WAN (src:91.107.18.203:1120, dst:82.29.124.244:80) by default rule.
Oct 18 13:42:39 | Drop TCP packet from WAN (src:91.107.18.203:1120, dst:82.29.124.244:80) by default rule.
Oct 18 13:42:36 | Drop TCP packet from WAN (src:91.107.18.203:1120, dst:82.29.124.244:80) by default rule.
Oct 18 13:04:57 | Drop TCP packet from WAN (src:61.156.31.20:6000, dst:82.29.124.244:80) by default rule.
Oct 18 10:58:23 | Drop PING request from WAN (ip:202.106.106.160).
Oct 18 10:56:04 | Drop TCP packet from WAN (src:80.86.81.49:43796, dst:82.29.124.244:80) by default rule.
Oct 18 10:55:21 | Drop TCP packet from WAN (src:92.37.24.249:1056, dst:82.29.124.244:80) by default rule.
Oct 18 10:55:15 | Drop TCP packet from WAN (src:92.37.24.249:1056, dst:82.29.124.244:80) by default rule.
Oct 18 10:55:12 | Drop TCP packet from WAN (src:92.37.24.249:1056, dst:82.29.124.244:80) by default rule.
Oct 18 10:54:29 | Drop TCP packet from WAN (src:90.195.219.119:1734, dst:82.29.124.244:80) by default rule.
Oct 18 10:54:23 | Drop TCP packet from WAN (src:90.195.219.119:1734, dst:82.29.124.244:80) by default rule.
Oct 18 10:54:20 | Drop TCP packet from WAN (src:90.195.219.119:1734, dst:82.29.124.244:80) by default rule.
Oct 18 10:52:07 | Drop TCP packet from WAN (src:81.202.166.178:35922, dst:82.29.124.244:80) by default rule.
Oct 18 10:52:04 | Drop TCP packet from WAN (src:81.202.166.178:35922, dst:82.29.124.244:80) by default rule.
Oct 18 10:50:28 | Drop PING request from WAN (ip:69.123.185.218).
Oct 18 10:50:26 | Drop PING request from WAN (ip:69.123.185.218).
Oct 18 09:28:28 | Drop PING request from WAN (ip:202.106.106.160).
Oct 18 08:11:43 | Drop TCP packet from WAN (src:86.2.93.239:1093, dst:82.29.124.244:80) by default rule.
Oct 18 08:11:37 | Drop TCP packet from WAN (src:86.2.93.239:1093, dst:82.29.124.244:80) by default rule.
Oct 18 08:11:34 | Drop TCP packet from WAN (src:86.2.93.239:1093, dst:82.29.124.244:80) by default rule.
Oct 18 06:11:23 | Drop TCP packet from WAN (src:88.109.40.5:52802, dst:82.29.124.244:80) by default rule.
Oct 18 06:11:17 | Drop TCP packet from WAN (src:88.109.40.5:52802, dst:82.29.124.244:80) by default rule.
Oct 18 06:11:14 | Drop TCP packet from WAN (src:88.109.40.5:52802, dst:82.29.124.244:80) by default rule.
Oct 18 05:07:27 | Drop TCP packet from WAN (src:87.244.81.70:60425, dst:82.29.124.244:80) by default rule.
Oct 18 05:07:21 | Drop TCP packet from WAN (src:87.244.81.70:60425, dst:82.29.124.244:80) by default rule.
Oct 18 05:07:18 | Drop TCP packet from WAN (src:87.244.81.70:60425, dst:82.29.124.244:80) by default rule.
Oct 18 04:11:03 | Drop TCP packet from WAN (src:82.46.9.170:57834, dst:82.29.124.244:80) by default rule.
Oct 18 04:10:57 | Drop TCP packet from WAN (src:82.46.9.170:57834, dst:82.29.124.244:80) by default rule.
Oct 18 04:10:54 | Drop TCP packet from WAN (src:82.46.9.170:57834, dst:82.29.124.244:80) by default rule.
Oct 18 04:08:43 | Drop TCP packet from WAN (src:86.138.174.0:54348, dst:82.29.124.244:80) by default rule.
Oct 18 04:08:37 | Drop TCP packet from WAN (src:86.138.174.0:54348, dst:82.29.124.244:80) by default rule.
Oct 18 04:08:34 | Drop TCP packet from WAN (src:86.138.174.0:54348, dst:82.29.124.244:80) by default rule.
Oct 18 04:03:56 | DHCP: Server sending ACK to 192.168.1.101. (Lease time = 604800)
Oct 18 04:03:56 | DHCP: Server receive REQUEST from 00:1f:3a:bb:47:20.
Oct 17 23:52:26 | Drop PING request from WAN (ip:97.103.40.119).
Oct 17 23:52:23 | Drop PING request from WAN (ip:97.103.40.119).
Oct 17 23:10:59 | Drop TCP packet from WAN (src:94.194.102.96:63227, dst:82.29.124.244:80) by default rule.
<Log ends>

There is tons more of the same, but I have snipped it.

Does this mean that we are all under constant attack, or that I have misconfigured something, or that I am just being paranoid?

Thanks,
Palooka

sej7278 · #2 20th October 2009, 12:59 AM

just script kiddies pinging and trying to connect to port 80 (http)

i get the same with port 25 (smtp) mainly from brazil and eastern european countries for some reason, yours seems to be the uk mainly but some spain, slovenia, china etc according to geoiplookup

don't worry about it, you're dropping it anyway.