Since we upgraded our firewall and I set the logs to be sent to me every day I have a noticed a few IPs that keep coming up in the logs. They seem to be port scans and TCP syn/fin packets that are dropped.

Some examples are...

TCP Syn/Fin packet dropped - 82.212.73.154, 32459, WAN

IP spoof dropped - 172.191.116.174, 8, LAN - 172.190.12.34, 512, WAN

Possible port scan dropped - 66.64.57.66, 80, WAN - **.**.**.***, 5445, WAN - TCP scanned port list, 5433, 5433, 5433, 5433, 5433

ASPACK packed executable file blocked - 85.102.255.189, 16853,

MEW11 SE packed executable file blocked - 195.60.180.75, 2016, WAN

and so on.

Should I do anything about this? I have run some lookups and find that these come from different places and companies throughout the US and world. Is this normal...should I send emails or call these companies informing them to stop with the scans and such? What are they trying to do? SPAM? VIRUS? Break into our company?

Thanks for any advice you can give me as I am new to this firewall monitoring