 | Junior Member with 1 posts. | | Join Date: Sep 2007 Location: New York City Experience: Advanced | |
 No Worries Hi Trebor,
Basically, SPT=12200 DPT=7212 means "source port 12000 and destination port 7212".
It means something scanned your IP to see if you were open on port 7212.
This is a pretty normal thing to see in a firewall log anywhere. It is very common. There are bots and people who can ports looking for open proxies. 7212 is a tcp port used by a well known open proxy - meaning someone could surf the Internet, send spam, etc through your proxy IF it was open and you didn't have a firewall.
This is simply your firewall telling you it did it's job. You'll see similar entries for other ports, especially ports in the 1020-1030 range which are old Microsoft pop up ports that would let you send pop up messages to people on your local LAN. (or let spammers send you pop up ads).
The other line is just your firewall router telling you it's inside Ethernet interface is up.
This is all normal activity and you don't have anything to worry about. Your firewall is doing it's job and it is good you are monitoring the logs.
If you don't already monitor and keep historical logs, you should. Install something like Kiwi Syslog and set your PC up to receive the logs from your firewall.
Cheers,
T |
