#1
I have a Netgear FVS318 VPN Router. Recently the log started showing a ton of messages similar to this:

2005-02-16 03:22:31 User.Info 192.168.199.20 [121765]:HTTP(80) Dest IP :65.19.192.77, Src IP :65.19.88.167
2005-02-16 03:22:31 User.Info 192.168.199.20 [121766]:TCP(1300) Dest IP :65.19.88.167, Src IP :192.168.199.21
2005-02-16 03:22:31 Daemon.Alert 192.168.199.20 Hacker Log[121767]:PROTO_TCP, SIP:65.19.88.167: 1300, DIP:65.19.192.77: 80, Code-Red
2005-02-16 03:22:32 Daemon.Alert 192.168.199.20 Hacker Log[121768]:PROTO_TCP, SIP:65.19.88.167: 1300, DIP:65.19.192.77: 80, Code-Red

I've been able to find 3 separate IP addresses that the dropped code reds are coming from. And although the source port changes quite often, the destination port is always 80. There seems to be a pattern though. The source port changes every seven drops. It also seems like on at least one of the IPs (65.19.88.167) there is a packet successfully going from my network to this address, then one coming back successfully to our webserver (192.168.199.21) before I get any dropped due to Code Reds. Is this a problem?
#2
|
||||
|
||||
|
Since Code Red attacks IIS servers one would expect the destination port to be mostly 80 (of course you can attach a web server to any port). If the IPs are from computers you control you are the one infected. If they are from computers you know about, contact the owners and tell them to fix the damn things. If they are from anonymous machines, all you can do is wait until someone finally figures it out and kills it. Your router should be immune (boy I sure hope it is!), so other than spewing into your log file you should not have any problems.
__________________
Left DevShed May 28, 2005. Reason: Unresponsive administrators.
Free code: http://sol-biotech.com/code/. Secure Programming: http://sol-biotech.com/code/SecProgFAQ.html. Performance Programming: http://sol-biotech.com/code/PerformanceProgramming.html.
It is not that old programmers are any smarter or code better, it is just that they have made the same stupid mistake so many times that it is second nature to fix it. --Me, I just made it up
The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore, all progress depends on the unreasonable man. --George Bernard Shaw
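
An added example, not part of the original posts: a Python sketch that applies the triage from the reply above to log lines in the format quoted in the first post, grouping Code-Red alerts by source address and marking each source as internal or external. The regular expression is inferred from the quoted lines rather than from Netgear documentation, the last sample line is constructed, and treating private (RFC 1918) addresses as "computers you control" is an assumption.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# First three lines are quoted from the first post; the last line is
# CONSTRUCTED (hypothetical internal host) to show the "you are infected" case.
SAMPLE_LOG = """\
2005-02-16 03:22:31 User.Info 192.168.199.20 [121765]:HTTP(80) Dest IP :65.19.192.77, Src IP :65.19.88.167
2005-02-16 03:22:31 Daemon.Alert 192.168.199.20 Hacker Log[121767]:PROTO_TCP, SIP:65.19.88.167: 1300, DIP:65.19.192.77: 80, Code-Red
2005-02-16 03:22:32 Daemon.Alert 192.168.199.20 Hacker Log[121768]:PROTO_TCP, SIP:65.19.88.167: 1300, DIP:65.19.192.77: 80, Code-Red
2005-02-16 03:22:40 Daemon.Alert 192.168.199.20 Hacker Log[121790]:PROTO_TCP, SIP:192.168.199.50: 1412, DIP:65.19.192.77: 80, Code-Red
"""

# Pattern inferred from the "Hacker Log" lines in the post (an assumption,
# not a documented Netgear format).
ALERT_RE = re.compile(
    r"Hacker Log\[(?P<seq>\d+)\]:(?P<proto>PROTO_\w+), "
    r"SIP:(?P<sip>[\d.]+):\s*(?P<sport>\d+), "
    r"DIP:(?P<dip>[\d.]+):\s*(?P<dport>\d+), (?P<sig>[\w-]+)"
)

def parse_alerts(text):
    """Yield one dict per Hacker Log alert; ordinary traffic lines are skipped."""
    for line in text.splitlines():
        m = ALERT_RE.search(line)
        if m:
            alert = m.groupdict()
            alert["sport"], alert["dport"] = int(alert["sport"]), int(alert["dport"])
            yield alert

def summarize(text):
    """Group alerts by source IP with origin, alert count and per-port counts."""
    report = defaultdict(lambda: {"origin": None, "alerts": 0,
                                  "sports": Counter(), "dports": set()})
    for a in parse_alerts(text):
        entry = report[a["sip"]]
        # Private source: a machine on your own LAN is sending the probes.
        # Public source: someone else's infected host, dropped at the router.
        private = ipaddress.ip_address(a["sip"]).is_private
        entry["origin"] = "internal" if private else "external"
        entry["alerts"] += 1
        entry["sports"][a["sport"]] += 1   # drops seen per source port
        entry["dports"].add(a["dport"])
    return dict(report)

if __name__ == "__main__":
    for sip, e in summarize(SAMPLE_LOG).items():
        print(sip, e["origin"], e["alerts"], dict(e["sports"]), sorted(e["dports"]))
```

The per-source-port counts are where a repeating pattern, such as the source port changing every seven drops, would show up across a full log.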
#3
|
|||
|
|||
|
Thanks a lot, Mitakeet
Viewing: Dev Shed Forums > System Administration > Security and Cryptography > Code Red Attacks on Netgear FVS318