Unsure that router is secure

vbimport

#1

I’ve noticed some odd behaviour from my router recently. It could be buggy but every day I’m having to reset it to conect to the internet. I’m trying to get a hang of what all the settings are, but I don’t really know enough. Does the following log show any compromise?

Jan 1 00:00:07 syslog: BusyBox v1.17.2
Jan 1 00:00:15 syslog: eth0 (switch port: 3) Link UP 100 mbps full duplex
Jan 1 00:06:58 syslog: Line 0: xDSL G.994 training
Jan 1 00:07:05 syslog: eth0 (switch port: 3) Link DOWN.
Jan 1 00:07:14 syslog: Line 0: ADSL G.992 started
Jan 1 00:07:19 syslog: Line 0: ADSL G.992 channel analysis
Jan 1 00:07:25 syslog: Line 0: ADSL G.992 message exchange
Jan 1 00:07:26 syslog: Line 0: ADSL link down
Jan 1 00:07:27 syslog: Line 0: xDSL G.994 training
Jan 1 00:07:44 syslog: Line 0: ADSL G.992 started
Jan 1 00:07:48 syslog: Line 0: ADSL G.992 channel analysis
Jan 1 00:07:55 syslog: Line 0: ADSL G.992 message exchange
Jan 1 00:07:56 syslog: Line 0: ADSL link down
Jan 1 00:07:57 syslog: Line 0: xDSL G.994 training
Jan 1 00:08:14 syslog: Line 0: ADSL G.992 started
Jan 1 00:08:18 syslog: Line 0: ADSL G.992 channel analysis
Jan 1 00:08:24 syslog: Line 0: ADSL G.992 message exchange
Jan 1 00:08:25 syslog: Line 0: ADSL link down
Jan 1 00:08:25 syslog: Line 0: ADSL link up, Bearer 0, us=1176, ds=19007
Jan 1 00:08:25 syslog: Line 0: ADSL link up, Bearer 1, us=0, ds=0
Jan 1 00:08:32 syslog: PPP LCP UP.
Jan 1 00:08:33 syslog: WAN link UP.
Jan 1 00:08:33 syslog: Received valid IP address from server. Connection UP.
Jan 1 00:08:35 syslog: Send out NTP request to ntp1.isp.sky.com
Jan 1 00:08:35 syslog: Time has been set from ntp1.isp.sky.com
Dec 25 01:02:07 syslog: Received NTP Sync Reply from ntp1.isp.sky.com
Dec 25 01:02:48 syslog: eth0 (switch port: 3) Link UP 100 mbps full duplex
Dec 25 01:04:36 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=86.149.193.128 DST=2.125.130.42 LEN=140 TOS=0x00 PREC=0x00 TTL=53 ID=12334 PROTO=UDP SPT=8468 DPT=47508 LEN=120 MARK=0x8000000
Dec 25 01:04:44 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=86.149.193.128 DST=2.125.130.42 LEN=140 TOS=0x00 PREC=0x00 TTL=53 ID=35937 PROTO=UDP SPT=8468 DPT=47508 LEN=120 MARK=0x8000000
Dec 25 01:09:04 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=90.223.197.87 DST=2.125.130.42 LEN=74 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=53 DPT=49164 LEN=54 MARK=0x8000000
Dec 25 01:11:06 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=90.223.197.73 DST=2.125.130.42 LEN=74 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=53 DPT=49164 LEN=54 MARK=0x8000000
Dec 25 01:15:20 syslog: Administrator logged out from IP address 192.168.0.2 .
Dec 25 01:16:38 syslog: Administrator login successful from IP: 192.168.0.2 .


#2

What kinda router are you using and what firmware does it have? It could be a flaky router on its way out. We do need a model and firmware to know what your asking about?


#3

[QUOTE=coolcolors;2714504]What kinda router are you using and what firmware does it have? It could be a flaky router on its way out. We do need a model and firmware to know what your asking about?[/QUOTE]It’s a Sky router model SR102, latest firmware ‘2.1m.3173.R’, DSL firmware version ‘A2pv6F038m.d24j’. Just got it. Odd behaviour over last few days and discovered that a phone has been an ‘attached device’ - pic attached.

  • log since then:

Dec 31 15:21:05 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=2415 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:21:11 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=2436 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:21:31 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=3676 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:21:37 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=4017 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:21:56 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=4516 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:22:02 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=4701 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:22:21 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=5264 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:22:26 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=5439 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:22:46 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=6029 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:22:52 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=6193 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:22:58 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=221.234.231.190 DST=5.68.105.224 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=9184 PROTO=TCP SPT=38032 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Dec 31 15:23:11 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=6709 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:23:17 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=6874 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:23:36 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=7359 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:23:42 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=7514 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:24:01 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=7870 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:24:07 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=7894 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:24:17 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=99.226.179.24 DST=5.68.105.224 LEN=58 TOS=0x00 PREC=0x00 TTL=54 ID=2903 PROTO=UDP SPT=56565 DPT=15526 LEN=38 MARK=0x8000000
Dec 31 15:24:18 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=99.226.179.24 DST=5.68.105.224 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=59944 DF PROTO=TCP SPT=59107 DPT=15526 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Dec 31 15:24:20 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=99.226.179.24 DST=5.68.105.224 LEN=58 TOS=0x00 PREC=0x00 TTL=54 ID=19244 PROTO=UDP SPT=56565 DPT=15526 LEN=38 MARK=0x8000000
Dec 31 15:24:27 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=7969 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:24:32 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8005 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:24:52 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8094 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:24:58 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8115 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:25:17 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8182 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:25:23 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8203 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:25:42 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8277 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:25:48 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8303 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:26:07 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8372 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:26:13 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8394 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:26:32 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8492 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:26:39 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8523 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:26:58 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8625 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:27:04 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8648 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:27:23 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8715 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:27:29 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8737 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:27:48 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8809 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:27:54 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=49.93.17.201 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=116 ID=8835 PROTO=UDP SPT=30599 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:29:20 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=219.87.155.24 DST=5.68.105.224 LEN=129 TOS=0x00 PREC=0x00 TTL=106 ID=31110 PROTO=UDP SPT=27898 DPT=15526 LEN=109 MARK=0x8000000
Dec 31 15:29:54 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=217.172.189.153 DST=5.68.105.224 LEN=445 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=UDP SPT=5060 DPT=5060 LEN=425 MARK=0x8000000
Dec 31 15:29:55 syslog: eth0 (switch port: 3) Link UP 100 mbps full duplex
Dec 31 15:30:15 syslog: eth0 (switch port: 3) Link DOWN.
Dec 31 15:30:57 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=223.67.213.58 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=46 ID=54734 PROTO=UDP SPT=5286 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:31:03 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=223.67.213.58 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=46 ID=54777 PROTO=UDP SPT=5286 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:35:30 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=141.212.121.27 DST=5.68.105.224 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=54321 PROTO=TCP SPT=48889 DPT=443 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Dec 31 15:37:16 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=202.180.105.100 DST=5.68.105.224 LEN=131 TOS=0x00 PREC=0x00 TTL=47 ID=56337 PROTO=UDP SPT=61137 DPT=15526 LEN=111 MARK=0x8000000
Dec 31 15:38:23 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=99.226.179.24 DST=5.68.105.224 LEN=58 TOS=0x00 PREC=0x00 TTL=54 ID=19099 PROTO=UDP SPT=56565 DPT=15526 LEN=38 MARK=0x8000000
Dec 31 15:38:24 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=99.226.179.24 DST=5.68.105.224 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=51111 DF PROTO=TCP SPT=60715 DPT=15526 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Dec 31 15:38:26 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=99.226.179.24 DST=5.68.105.224 LEN=58 TOS=0x00 PREC=0x00 TTL=54 ID=65461 PROTO=UDP SPT=56565 DPT=15526 LEN=38 MARK=0x8000000
Dec 31 15:41:16 syslog: eth0 (switch port: 3) Link UP 100 mbps full duplex
Dec 31 15:42:58 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=223.67.213.58 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=46 ID=56827 PROTO=UDP SPT=5286 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:43:04 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=223.67.213.58 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=46 ID=56869 PROTO=UDP SPT=5286 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:43:39 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=182.201.151.219 DST=5.68.105.224 LEN=129 TOS=0x00 PREC=0x00 TTL=51 ID=24977 PROTO=UDP SPT=16001 DPT=15526 LEN=109 MARK=0x8000000
Dec 31 15:43:40 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=182.201.151.219 DST=5.68.105.224 LEN=129 TOS=0x00 PREC=0x00 TTL=51 ID=25135 PROTO=UDP SPT=16001 DPT=15526 LEN=109 MARK=0x8000000
Dec 31 15:43:52 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=96.60.190.81 DST=5.68.105.224 LEN=131 TOS=0x00 PREC=0x00 TTL=51 ID=56389 PROTO=UDP SPT=53696 DPT=15526 LEN=111 MARK=0x8000000
Dec 31 15:47:15 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=123.52.101.4 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=52 ID=4740 PROTO=UDP SPT=16449 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:48:10 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=198.20.69.74 DST=5.68.105.224 LEN=40 TOS=0x00 PREC=0x00 TTL=116 ID=24977 PROTO=TCP SPT=32621 DPT=80 WINDOW=57442 RES=0x00 SYN URGP=0 MARK=0x8000000
Dec 31 15:48:56 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=175.1.117.158 DST=5.68.105.224 LEN=129 TOS=0x00 PREC=0x00 TTL=52 ID=18892 PROTO=UDP SPT=10216 DPT=15526 LEN=109 MARK=0x8000000
Dec 31 15:48:58 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=223.67.213.58 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=46 ID=57877 PROTO=UDP SPT=5286 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:49:04 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=223.67.213.58 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=46 ID=57954 PROTO=UDP SPT=5286 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:49:39 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=175.1.117.158 DST=5.68.105.224 LEN=129 TOS=0x00 PREC=0x00 TTL=52 ID=36805 PROTO=UDP SPT=10216 DPT=15526 LEN=109 MARK=0x8000000
Dec 31 15:49:39 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=175.1.117.158 DST=5.68.105.224 LEN=129 TOS=0x00 PREC=0x00 TTL=52 ID=37152 PROTO=UDP SPT=10216 DPT=15526 LEN=109 MARK=0x8000000
Dec 31 15:49:43 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=175.1.117.158 DST=5.68.105.224 LEN=129 TOS=0x00 PREC=0x00 TTL=52 ID=38860 PROTO=UDP SPT=10216 DPT=15526 LEN=109 MARK=0x8000000
Dec 31 15:49:51 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=175.1.117.158 DST=5.68.105.224 LEN=129 TOS=0x00 PREC=0x00 TTL=52 ID=42736 PROTO=UDP SPT=10216 DPT=15526 LEN=109 MARK=0x8000000
Dec 31 15:51:58 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=223.67.213.58 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=46 ID=58422 PROTO=UDP SPT=5286 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:52:04 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=223.67.213.58 DST=5.68.105.224 LEN=126 TOS=0x00 PREC=0x00 TTL=46 ID=58456 PROTO=UDP SPT=5286 DPT=15526 LEN=106 MARK=0x8000000
Dec 31 15:52:29 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=99.226.179.24 DST=5.68.105.224 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=41424 DF PROTO=TCP SPT=62465 DPT=15526 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Dec 31 15:52:30 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=99.226.179.24 DST=5.68.105.224 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=25042 DF PROTO=TCP SPT=62465 DPT=15526 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Dec 31 15:52:32 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=99.226.179.24 DST=5.68.105.224 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=7071 DF PROTO=TCP SPT=62465 DPT=15526 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Dec 31 15:52:33 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=99.226.179.24 DST=5.68.105.224 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=57329 DF PROTO=TCP SPT=62465 DPT=15526 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Dec 31 15:52:34 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=99.226.179.24 DST=5.68.105.224 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=19357 DF PROTO=TCP SPT=62465 DPT=15526 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Dec 31 15:52:35 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=99.226.179.24 DST=5.68.105.224 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=10625 DF PROTO=TCP SPT=62465 DPT=15526 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Dec 31 15:52:37 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=99.226.179.24 DST=5.68.105.224 LEN=64 TOS=0x00 PREC=0x00 TTL=54 ID=23989 DF PROTO=TCP SPT=62465 DPT=15526 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Dec 31 15:52:41 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=99.226.179.24 DST=5.68.105.224 LEN=48 TOS=0x00 PREC=0x00 TTL=54 ID=62362 DF PROTO=TCP SPT=62465 DPT=15526 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Dec 31 15:53:23 syslog: always->Any(All)IN=pppoa0 OUT= MAC= SRC=202.180.105.100 DST=5.68.105.224 LEN=131 TOS=0x00 PREC=0x00 TTL=47 ID=60975 PROTO=UDP SPT=61137 DPT=15526 LEN=111 MARK=0x8000000
Dec 31 15:54:55 syslog: Administrator login successful from IP: 192.168.0.2 .

…Note that 15526 I opened for utorrent.