D LInk Router Logs Question

[Seville]

Hi

Been with Sky BB for nearly 3 years. Originally had a DG934 but after recent issues, Sky have provided a shiny new D Link 2640.

My question is when viewing the logs, there are regular messages of

kernel: Intrusion -> IN=pppoa0 OUT= MAC= SRC=41.237.100.199 DST=XXX.XXX.XXX.XXX LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=36393 DF PROTO=TCP SPT=2629 DPT=23 WINDOW=5808 RES=0x00 SYN URGP=0

XXX being my Internet address. The source IP differs each time, but they are all hitting my IP address over port 23(telnet). Can someone tell me whether the log is simply saying this Source has tried to Telnet or has actually managed to breach the firewall. At least on the Netgear it told you if it was blocked and what time it happened.

As I say the logging doesn't specify times so its hard to determine when it has happened.

Doing an nslookup on this particular address shows the host name is originating from Egypt

Anyone any ideas

[Isitme]

I am pretty sure it has been blocked. If it had got through the router I don't think you would see anything in the log at all. To be on the safe side, change the router admin password to something unique to you and turn off Respond to Ping. Responding to ping just lets hackers know that something is at the address they are pinging.

[Seville]

I agree - 1st thing I did was change the password and switch ping off. With the netgear, it would say "rule match" or something like that. It may just be the wording of it as I dont have this port opened or any for that matter. The logging could be better and clearer in what it is logging on.