1. sitting behind a router which I thought did all the firewall "work"
2. on a Windows10 client; how do I check whether these suspcious connections are a problem or not please. I cannot find the full log. pic of a sample. Thanks for any clues...
the 192.168.0.0-192.168.255.255 are reserved for private address space. those IP's are not routable via the internet.
those connections are most likely coming from a device on the LAN side of your network since you have said ytour behind a NAt router that does the WAN firewall.
You could use the Home Network Scanner/Protect My Home Network in your McAfee product to see if you can identify the devices in question that match the IP's in your firewall log?
Thanks for your reply. One of the devices was a wifi repeater/booster thingy. Anybody know if these can be/are hacked? The McAfee report indicated a SSDP remote installation on UDP port 1900? Normal stuff do you think?
Secondly, the screen print was a bad example. Lots of connection attempts were from the WAN.
As a precaution the router in question is being replaced (a factory reset would have sufficed but owner is adamant that a previous attack may have left traces all over.)