• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

logging a linksys router firewall in linux

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> UNIX // GNU/Linux

View previous topic :: View next topic  
Author Message
34m
Just Arrived
Just Arrived


Joined: 01 May 2002
Posts: 0


Offline

PostPosted: Wed May 01, 2002 7:32 am    Post subject: logging a linksys router firewall in linux Reply with quote

recently i switched from an 386 running fireplug as a firewall to a linksys combo firewall-router, but i'm not satisified with the built in logs...i'd like to have fuller logs sent to my computer, and am looking for a fairly basic program for doing so...i've got ucd-snmp on my computer, but it seems not only overkill for my purposes, but also over my head in complexity...i've no computer training, and as i'm in my sixties, don't yank new info into the brain as effectively as i did forty or fifty years ago...i'm looking for a simple straightforward way of doing what seems ought be a simple straightforward task...a thanking in advance for any suggestions...
Back to top
View user's profile Send private message
chris
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777201
Location: ~/security-forums

Offline

PostPosted: Wed May 01, 2002 10:28 am    Post subject: Reply with quote

I have the same problem with an edimax broadband router. The logging is pretty much there, just not very good to cycle through Wink

The problem I have with my router is that I can only forward one to one ports rather than allow in to a range of IPs.

Usually this isnt a problem, but for some services where more than one machine needs incoming ports such as Ident, it is a real problem.

I think the link sys ones are a little better than the one I have here, as this one does return nothing using snmp Sad
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger
maxpower
Just Arrived
Just Arrived


Joined: 28 Apr 2002
Posts: 0
Location: philly

Offline

PostPosted: Wed May 01, 2002 12:47 pm    Post subject: Reply with quote

-linksys has a utility, but i don't beleive there's any documentation to go along with this...filename is 'logviewer.exe'

ftp://ftp.linksys.com/pub/befsr41/

Quote:
Using the Logging features
(Thanks to Craig Goranson for providing some of this info!)
The logging mechanism added in V1.35 is performed via a standard SNMP Trap message that is sent to the configured machine on UDP port 162. If you're not happy with the Windows logviewer.exe application that you can get from Linksys, you can use any SNMP Trap application to view and archive logs. Go here [http://www.practicallynetworked.com/support/snmp_apps.htm] for a list. Also see the Tools page for alternative logging applications, written specifically for Linky.


there's plenty of info on linksys and other SOHO routers here...

http://practicallynetworked.com
Back to top
View user's profile Send private message AIM Address
ShaolinTiger
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777215
Location: Kuala Lumpur, Malaysia

Offline

PostPosted: Wed May 08, 2002 2:36 am    Post subject: Reply with quote

There is a peice of software specifically for this purpose which by all accounts it pretty good.

You can grab it here http://www.wallwatcher.com/

Good luck Smile

Shaolin
Back to top
View user's profile Send private message Visit poster's website
HughJardon
Just Arrived
Just Arrived


Joined: 19 Nov 2002
Posts: 0


Offline

PostPosted: Tue Nov 19, 2002 4:10 am    Post subject: Careful with that BEFSR Reply with quote

We've found that BEFSR series Linksys combo boxes are seriously exposed when snmp is running. SNMP scanners can sweep through and locate these devices easily.
Once found, the default snmp communities can be used to turn off the device or do other nasties. Since cable/dsl providers are beginning to deploy these devices for customer premise equipment, be advised: turn off snmp if you don't need it! If you do need it, take care to eliminate the default community names (don't just add names to the list, leaving defaults intact).

-Hugh Exclamation
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> UNIX // GNU/Linux All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register