Thanks for responding and yes my wireless router does have an enabled firewall. In fact, just yesterday I had do a major reworking because the Dlink firewall was blocking my voIP router.
My stealth ports wizard is using “Define a new trusted network” where I have listed all my current networks but none of those networks contain any of the IPs appearing on my firewall events log. Does that shed any light on this problem? I have 154 blocked intrusion attempts and counting . . . :o
I’m sorry to be so ignorant about this but, what exactly do you mean by “go over the settings” for the hardware firewall? I have access to an online admin site for the Dlink . . . is that were I need go?
Ok so that’s what I thought. Yes I do have access to that online. The question is: what must I do when I get there? I was just there a few minutes ago and I did not see any of the IPs listed on the Firewall events in those settings.
Look for firewall settings and see what you are blocking.
For my Dlink router, under firewall settings/NAT endpoint filtering/UDP endpoint filtering it is set to address restricted. The other two selections in this area are a) Endpoint Indpendent and b) Port and Address restricted. Is the selected setting (address restricted) part of this problem?
It looks like your router is letting UDP requests through becuase CFP is blocking them.
I don’t quite understand the significance of this: Should my Dlink router be letting in UDP requests or is this a bad thing?
The IP 184.108.40.206 belongs to microsoft.
220.127.116.11 is Yahoo
18.104.22.168 is my voIP provider
22.214.171.124 is someone/company in Bulgaria
126.96.36.199 is someone/company in China
188.8.131.52 is a telecom company in China
Why is microsoft trying to get into my network? Could this be an attempt to update XP? Why is Yahoo trying to get into my network? Should I allow my voIP provider access to my network? I assume I should do this since they are providing my phone service. Is it likely that the IP intrusions from Bulgaria and China are examples of malicious intrusion attempts?
My main concern in all of this that CFP is blocking connections that aren’t malicious and should be allowed resulting in poor internet and/or voIP service.
It depends if you are have your router set to block UDP or not. For example, my router is set to block all incoming requests, so I don’t get any UDPs, TCPs, etc. Can i see a screenshot of what you’re describing above with your router settings?
Sorry, but I don’t why MS, Yahoo and voIP are sending those requests.
As for the China and Bulgaria requests, I wouldn’t let those in. Probably port scans and such.