G
Guest
I recently enabled the Windows Firewal log and being behind a "locked down"
NAT Router, I expected to see nothing. A few days later I noticed a bunch of
droped TCP packet entries and thought something was wrong with the router.
Here are a few examples:
2006-04-24 09:47:02 DROP TCP 63.101.150.68 172.16.64.57 80 1177 263 AP
2535659266 1617252021 33120 - - - RECEIVE
2006-04-24 09:47:17 DROP TCP 66.39.107.246 172.16.64.57 80 1183 1500 A
823588747 677492962 65535 - - - RECEIVE
2006-04-24 09:49:11 DROP TCP 209.62.176.182 172.16.64.57 80 1233 48 SA
1216910770 43087295 17520 - - - RECEIVE
2006-04-24 09:51:49 DROP TCP 64.154.81.197 172.16.64.57 80 1246 301 AP
4063871258 2431426759 32767 - - - RECEIVE
2006-04-24 09:54:24 DROP TCP 207.142.131.203 172.16.64.57 80 1313 48 SA
1643399492 3961982485 5840 - - - RECEIVE
I checked another PC at a completely different location behind a completly
different firewall and noticed the same sort of thing. I'm pretty sure that
these entries are coincident with websurfing. Sometimes the source IPs
corespond to sites visited at that time, some not, some I cant tell.
Can anyone explain this to me?
NAT Router, I expected to see nothing. A few days later I noticed a bunch of
droped TCP packet entries and thought something was wrong with the router.
Here are a few examples:
2006-04-24 09:47:02 DROP TCP 63.101.150.68 172.16.64.57 80 1177 263 AP
2535659266 1617252021 33120 - - - RECEIVE
2006-04-24 09:47:17 DROP TCP 66.39.107.246 172.16.64.57 80 1183 1500 A
823588747 677492962 65535 - - - RECEIVE
2006-04-24 09:49:11 DROP TCP 209.62.176.182 172.16.64.57 80 1233 48 SA
1216910770 43087295 17520 - - - RECEIVE
2006-04-24 09:51:49 DROP TCP 64.154.81.197 172.16.64.57 80 1246 301 AP
4063871258 2431426759 32767 - - - RECEIVE
2006-04-24 09:54:24 DROP TCP 207.142.131.203 172.16.64.57 80 1313 48 SA
1643399492 3961982485 5840 - - - RECEIVE
I checked another PC at a completely different location behind a completly
different firewall and noticed the same sort of thing. I'm pretty sure that
these entries are coincident with websurfing. Sometimes the source IPs
corespond to sites visited at that time, some not, some I cant tell.
Can anyone explain this to me?