I've a wireless router on which I've switched security logs on.
I've got this log today.
TCP Packet - Source:220.127.116.11,1362 Destination:18.104.22.168,18908 - [DOS]
TCP Packet - Source:22.214.171.124,1363 Destination:126.96.36.199,4438 - [DOS]
TCP Packet - Source:188.8.131.52,1366 Destination:184.108.40.206,7934 - [DOS]
TCP Packet - Source:220.127.116.11,1373 Destination:18.104.22.168,14968 - [DOS]
TCP Packet - Source:22.214.171.124,1374 Destination:126.96.36.199,466 - [DOS]
TCP Packet - Source:188.8.131.52 Destination:184.108.40.206 - [PORT SCAN]
TCP Packet - Source:220.127.116.11,2392 Destination:18.104.22.168,24467 - [DOS]
Well, none of this IP is mine, so I don't know whether my router is doing something funny.
Can someone please explain me the big picture.
The source seems to be something using Sony Network Taiwan and the destination appears to be something using NTL United Kingdom. They both look like residential addresses.
Did your firewall let the packets through?
I would recommend looking at your router manual to see what the logs mean. "DOS" seems to imply denial of service?
Are there a lot of those entries or is that the lot?
What kind of router are you running?
Any P2P traffic on your network?