Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. M

    YALQ: yet another logging question

    I see. So maybe I should try DD-WRT or Tomato? I'll have to take a look at those to see if they support remote traffic logging
  2. M

    YALQ: yet another logging question

    Hmm. logging packets does seem like a log of logging. The main thing that I want is the traffic logs. I'll take the DHCP and any DNS logs that I can get as well. But my initial goal is just traffic logs. and there is nothing special about Splunk. It just accepts a bunch of log records and...
  3. M

    YALQ: yet another logging question

    Sorry, I did not read the local syslog. I just tried using what looked similar to the setup info for tools like http://www.linklogger.com. Is there another log that I can somehow send on to a monitoring tool?
  4. M

    YALQ: yet another logging question

    I am trying to send my traffic logs to an install of Splunk on my workstation. I think that this is supposed to work: Logging Remote Log Server: 192.168.1.19 (my desktop, wifi) Default message log level: info Log only messages more urgent than: all Created a rule on my windows firewall "Allow...
  5. M

    Cannot log into my Asus Router or Repeater

    Just found that I was only having problems logging in from the Edge Browser. For some reason it worked from Firefox. I guess that I can get into both admin interfaces. Sorry for the false alarm.
  6. M

    Cannot log into my Asus Router or Repeater

    I should add that I home computers and mobile devices can connect to the SSIDs defined on the RT-N66U. Just cannot access the admin page and the RT-N10P cannot connect to the SSIDs. And I'm freaking out that my router may have been compromised.
  7. M

    Cannot log into my Asus Router or Repeater

    At my home network, I have a Asus RT-N66U as the main router and a RT-N10P being used as a Bridge (repeater mode). I cannot access the admin page of either of them After some wifi trouble, I restarted both routers. A couple of my machines did not connect back up, so I tried logging into the...
  8. M

    Is my guest network set up wrong? Or do I just misunderstand it?

    Yup. that was it. Funny how my iPhone doesn't have an option to clear the app's data, but my daughters old Android does.
  9. M

    Is my guest network set up wrong? Or do I just misunderstand it?

    Wow. What an oversight on my part! Thank you for pointing that out! That said, I updated the "Access Intranet" setting, the router restarted and I rescanned. Now it looks like IoT: shows about 5 devices, including the router and the phone that I am using to scan. Guest: shows all devices from...
  10. M

    Is my guest network set up wrong? Or do I just misunderstand it?

    I don't recall that as an option. I'll check when I get home tonight
  11. M

    Is my guest network set up wrong? Or do I just misunderstand it?

    I was recently playing around with the mobile app fing. I had an old cell phone on my guest network and scanned it. I was surprised to see a listing of all devices on my main network as well as guest network devices. How can that be? I would have thought that the guest network would be...
  12. M

    Feature request: Display networks used in client list

    Would it be possible to display the network a device is on in the client listing dialog? I have three networks configured on my RT-N66U: +Main +IoT +Guest It would be nice to see that IoT devices are connecting to the appropriate IoT guest network and that all home computers are connected to...
  13. M

    Mr. Black malware

    Probly so. I have recently come to the opinion that routers should be built to not work until admin credentials are set up (probably via a direct connection)
  14. M

    Is there a universal TCP/IP responding server

    And I find that I am wrong... Malware scan returned nothing. I need to know if the traffic simply originated from something on a web page. So I will be implementing something to capture more info.
  15. M

    Is there a universal TCP/IP responding server

    OK, As I step back from the problem, I think that I can do what I want without all the info. Like I said, my firewall does not log the domain name for a DNS request that it blocks as a potentially malicious target. I was thinking that it would be nice to know the domain name, so my thought...
  16. M

    Is there a universal TCP/IP responding server

    Well, the sinkhole already exists, and is a LAN IP address for which there is not machine. The firewall just drops the request. But I found a couple of tools that do what I want. They are made to be honeypots: HoneyD - free, but requires somewhat complex configuration. Services need to be...
  17. M

    Is there a universal TCP/IP responding server

    Hi, I am not addressing inbound traffic. My goal is to find outbound malicious traffic and try to find where it is trying to go. The sinkhole is an IP address that will be resolved when requests to my DNS are determined to be DNS requests for malware.
  18. M

    Is there a universal TCP/IP responding server

    Something like a honeypot. I don't really want to expose it, I just want any requests that my firewall considers malware to go to it. My firewall is set up with a sinkhole now so all requests that it thinks are malware go to an IP address that gets denied. The problem is that my firewall...
  19. M

    Is there a universal TCP/IP responding server

    This may be a little larger than SNB, but I am looking for a tool that responds to TCP/IP requests on a large number of common ports. Does something like this exist? I hope to use it so that I can direct traffic identified as suspicious to that server and capture as much of the request info as...
Top