Billion UK Forum

Anything About Billion For UK Users
https://www.forum.billion.uk.com/

8800NL firewall log

https://www.forum.billion.uk.com/viewtopic.php?t=3262

Page 1 of 1

8800NL firewall log

Posted: Fri Oct 03, 2014 9:04 am
by rossgrey
(pre-sales question - if anyone ever gets any stock - lol)

If I portscan my old 7800 (default firewall settings), or try to attempt access to it via a blocked port (eg ssh), it never recorded the events in the firewall log. (don't get me wrong - the firewall did its job and blocked access - it just never logged it in the firewall log)

Does the 8800NL behave in the same way, or does it log blocked access attempts ?

Re: 8800NL firewall log

Posted: Wed Oct 08, 2014 9:52 am
by billion_fan
I just ran a port scan with shields up and this was logged, however I tried to login to the router using port 80, and this was not logged (remote access was disabled)

Oct 8 09:47:31 daemon alert kernel: Intrusion -> TCP packet from [ppp1.1] 4.79.142.206:44224 to x.x.x.x:1024
Oct 8 09:47:31 daemon alert kernel: Intrusion -> TCP packet from [ppp1.1] 4.79.142.206:44224 to x.x.x.x:445
Oct 8 09:47:31 daemon alert kernel: Intrusion -> TCP packet from [ppp1.1] 4.79.142.206:44224 to x.x.x.x:389
Oct 8 09:47:31 daemon alert kernel: Intrusion -> TCP packet from [ppp1.1] 4.79.142.206:44224 to x.x.x.x:139
Oct 8 09:47:31 daemon alert kernel: Intrusion -> TCP packet from [ppp1.1] 4.79.142.206:44224 to x.x.x.x:119
Oct 8 09:47:31 daemon alert kernel: Intrusion -> TCP packet from [ppp1.1] 4.79.142.206:44224 to x.x.x.x:113
Oct 8 09:47:31 daemon alert kernel: Intrusion -> TCP packet from [ppp1.1] 4.79.142.206:44224 to x.x.x.x:80
Oct 8 09:47:31 daemon alert kernel: Intrusion -> TCP packet from [ppp1.1] 4.79.142.206:44224 to x.x.x.x:23
Oct 8 09:47:31 daemon alert kernel: Intrusion -> TCP packet from [ppp1.1] 4.79.142.206:44224 to x.x.x.x:22
Oct 8 09:47:31 daemon alert kernel: Intrusion -> TCP packet from [ppp1.1] 4.79.142.206:44224 to x.x.x.x:0
Oct 8 09:47:32 daemon alert kernel: Intrusion -> TCP packet from [ppp1.1] 4.79.142.206:44224 to x.x.x.x:1026

PS, Our latest stock has just left our warehouse so it should be reaching retailers soon :D (latest stock comes with firmware 2.32d.dh14)

Re: 8800NL firewall log

Posted: Wed Oct 08, 2014 11:49 am
by rossgrey
Thanks for that :)
Also, very useful info re stock - it's appreciated.

Re: 8800NL firewall log

Posted: Fri Oct 10, 2014 3:52 pm
by Martin Goose
Just ordered from Ebuyer. They have stock. Will need to check firmware version on arrival

Re: 8800NL firewall log

Posted: Fri Oct 10, 2014 3:57 pm
by billion_fan
Martin Goose wrote:Just ordered from Ebuyer. They have stock. Will need to check firmware version on arrival
Yes the Dh14 firmware has the new DMT code (and should be on the latest stock) and the older dm2 has the older DMT code, dm2 can be found here viewtopic.php?f=19&t=3187, if you want to revert to the older DMT code
All times are UTC+01:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited