logging a linksys router firewall in linux

Networking/Security Forums -> UNIX // GNU/Linux

Author: 34m PostPosted: Wed May 01, 2002 7:32 am    Post subject: logging a linksys router firewall in linux
recently i switched from an 386 running fireplug as a firewall to a linksys combo firewall-router, but i'm not satisified with the built in logs...i'd like to have fuller logs sent to my computer, and am looking for a fairly basic program for doing so...i've got ucd-snmp on my computer, but it seems not only overkill for my purposes, but also over my head in complexity...i've no computer training, and as i'm in my sixties, don't yank new info into the brain as effectively as i did forty or fifty years ago...i'm looking for a simple straightforward way of doing what seems ought be a simple straightforward task...a thanking in advance for any suggestions...

Author: chrisLocation: ~/security-forums PostPosted: Wed May 01, 2002 10:28 am    Post subject:
I have the same problem with an edimax broadband router. The logging is pretty much there, just not very good to cycle through Wink

The problem I have with my router is that I can only forward one to one ports rather than allow in to a range of IPs.

Usually this isnt a problem, but for some services where more than one machine needs incoming ports such as Ident, it is a real problem.

I think the link sys ones are a little better than the one I have here, as this one does return nothing using snmp Sad

Author: maxpowerLocation: philly PostPosted: Wed May 01, 2002 12:47 pm    Post subject:
-linksys has a utility, but i don't beleive there's any documentation to go along with this...filename is 'logviewer.exe'


Using the Logging features
(Thanks to Craig Goranson for providing some of this info!)
The logging mechanism added in V1.35 is performed via a standard SNMP Trap message that is sent to the configured machine on UDP port 162. If you're not happy with the Windows logviewer.exe application that you can get from Linksys, you can use any SNMP Trap application to view and archive logs. Go here [http://www.practicallynetworked.com/support/snmp_apps.htm] for a list. Also see the Tools page for alternative logging applications, written specifically for Linky.

there's plenty of info on linksys and other SOHO routers here...


Author: ShaolinTigerLocation: Kuala Lumpur, Malaysia PostPosted: Wed May 08, 2002 2:36 am    Post subject:
There is a peice of software specifically for this purpose which by all accounts it pretty good.

You can grab it here http://www.wallwatcher.com/

Good luck Smile


Author: HughJardon PostPosted: Tue Nov 19, 2002 4:10 am    Post subject: Careful with that BEFSR
We've found that BEFSR series Linksys combo boxes are seriously exposed when snmp is running. SNMP scanners can sweep through and locate these devices easily.
Once found, the default snmp communities can be used to turn off the device or do other nasties. Since cable/dsl providers are beginning to deploy these devices for customer premise equipment, be advised: turn off snmp if you don't need it! If you do need it, take care to eliminate the default community names (don't just add names to the list, leaving defaults intact).

-Hugh Exclamation

Networking/Security Forums -> UNIX // GNU/Linux

output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group