When an Android 3.1 tablet thingie connects (on demand) by WI-FI (not phone) to Android marketpace. All kinds of tracking and ad sites come into play. The ones we normally block in HOSTS and other methods on Windows PCs. I added to the Netgear614 filter sites and filter keywords both "analytics" and "[www.google-analytics.com" to make sure both get whacked. (1) Router is like a sieve. Typical pair of log entries [Site blocked: www.google-analytics.com] from source (tablet ip), Wednesday, Oct 19,2011 21:33:51 [Site allowed: www.google-analytics.com] from source (tablet IP), Wednesday, Oct 19,2011 21:32:56 This pair appears all along as I browse that marketplace - it allows, it blocks, it allows, it blocks, what's going on? Did it connect to analytics or did it not connect to analytics? (2) I also see this kind of entries on and off: [DoS attack: FIN Scan] attack packets in last 20 sec from ip [220.127.116.11], Wednesday, Oct 19,2011 21:35:07 What's that all about? Google CIDR is 18.104.22.168/16 - what was it scanning? Can't get into that tablet. There's no TCPview, firewall log, to look at, nothing. All locked up. And connecting to the entire universe. To moderators - if this belongs in the firewalls or some other place, please move, thank you.