On my SSM-20 I'm seeing a lot of traffic from a 192.168.0.X address. Obviously it's a scanner of some sort. I'm curious as to why the packet is even being passed to the SSM by the ASA. The ASA should be getting it from the "outside" interface and dropping it. I'm surprised it even gets as far as the SSM. Do I have a misconception on how the ASA handles this type of traffic? The ports are 0 for both the source and destination address.
I have this problem too.