Hi:
I have a netgear router which has a public AP (hotspot) connected to it. On some days, one particular user regularly causes my router log to look like the one posted below. Can anyone tell me what he is doing to cause this sort of response from the router?
Thanks!
Robert
-------router log excerpt starts here-----
Mon, 05/05/2008 09:51:24 - TCP connection dropped - Source:69.28.158.49, 80, WAN - Destination:192.168.3.2, 18553, LAN - 'Suspicious TCP Data'
Thur, 05/08/2008 07:25:39 - UDP packet dropped - Source:192.168.3.3, 137, WAN - Destination:192.168.3.2, 137, LAN - 'Possible Port Scan'
Thur, 05/08/2008 07:25:51 - TCP connection dropped - Source:192.168.3.3, 49186, WAN - Destination:192.168.3.2, 80, LAN - 'WEB'
Thur, 05/08/2008 07:26:31 - TCP connection dropped - Source:192.168.3.3, 5000, WAN - Destination:192.168.3.2, 8080, LAN - 'WEB proxy'
Thur, 05/08/2008 07:26:35 - TCP connection dropped - Source:192.168.3.3, 5000, WAN - Destination:192.168.3.2, 139, LAN - 'Possible Port Scan'
Thur, 05/08/2008 07:49:45 - TCP connection dropped - Source:192.168.3.3, 49509, WAN - Destination:192.168.3.2, 80, LAN - 'WEB'
Thur, 05/08/2008 07:50:05 - UDP packet dropped - Source:192.168.3.3, 61185, WAN - Destination:192.168.3.2, 161, LAN - 'Possible Port Scan'
Thur, 05/08/2008 07:50:33 - TCP connection dropped - Source:192.168.3.3, 5000, WAN - Destination:192.168.3.2, 445, LAN - 'SMB'
Thur, 05/08/2008 08:13:27 - TCP connection dropped - Source:192.168.3.3, 49610, WAN - Destination:192.168.3.2, 80, LAN - 'WEB'
Thur, 05/08/2008 08:14:19 - UDP packet dropped - Source:192.168.3.3, 5000, WAN - Destination:192.168.3.2, 137, LAN - 'Suspicious UDP Data'
Thur, 05/08/2008 08:37:09 - TCP connection dropped - Source:192.168.3.3, 49735, WAN - Destination:192.168.3.2, 80, LAN - 'WEB'
Thur, 05/08/2008 08:38:05 - UDP packet dropped - Source:192.168.3.3, 5000, WAN - Destination:192.168.3.2, 138, LAN - 'Suspicious UDP Data'
Thur, 05/08/2008 09:00:51 - TCP connection dropped - Source:192.168.3.3, 49837, WAN - Destination:192.168.3.2, 80, LAN - 'WEB'
Thur, 05/08/2008 09:01:51 - UDP packet dropped - Source:192.168.3.3, 5000, WAN - Destination:192.168.3.2, 10421, LAN - 'Suspicious UDP Data'
Thur, 05/08/2008 09:49:49 - TCP connection dropped - Source:192.168.3.3, 49184, WAN - Destination:192.168.3.2, 80, LAN - 'WEB'
Thur, 05/08/2008 09:50:09 - UDP packet dropped - Source:192.168.3.3, 52896, WAN - Destination:192.168.3.2, 161, LAN - 'Suspicious UDP Data'
Thur, 05/08/2008 10:13:33 - TCP connection dropped - Source:192.168.3.3, 50059, WAN - Destination:192.168.3.2, 80, LAN - 'WEB'
Thur, 05/08/2008 10:14:39 - UDP packet dropped - Source:192.168.3.3, 5000, WAN - Destination:192.168.3.2, 10426, LAN - 'Suspicious UDP Data'
Thur, 05/08/2008 10:37:17 - TCP connection dropped - Source:192.168.3.3, 51005, WAN - Destination:192.168.3.2, 80, LAN - 'WEB'
Thur, 05/08/2008 11:00:57 - TCP connection dropped - Source:192.168.3.3, 52051, WAN - Destination:192.168.3.2, 80, LAN - 'WEB'
Thur, 05/08/2008 11:24:39 - TCP connection dropped - Source:192.168.3.3, 52148, WAN - Destination:192.168.3.2, 80, LAN - 'WEB'
Thur, 05/08/2008 13:13:30 - TCP connection dropped - Source:192.168.3.3, 49195, WAN - Destination:192.168.3.2, 80, LAN - 'WEB'
Thur, 05/08/2008 13:13:52 - UDP packet dropped - Source:192.168.3.3, 55704, WAN - Destination:192.168.3.2, 161, LAN - 'Suspicious UDP Data'
Thur, 05/08/2008 13:37:12 - TCP connection dropped - Source:192.168.3.3, 49271, WAN - Destination:192.168.3.2, 80, LAN - 'WEB'
End of Log ----------