Router Logs

AceTechDS · Aug 17, 2013

Hi Guys

I need some help with the following errors on my routers logs:

Aug 17 21:04:02 user warn kernel: wp2=00
Aug 17 21:04:02 user warn kernel: wp2=3c
Aug 17 21:04:03 user info kernel: device wl0 left promiscuous mode
Aug 17 21:04:03 user info kernel: br0: port 5(wl0) entering disabled state
Aug 17 21:04:09 user info kernel: device wl0 entered promiscuous mode
Aug 17 21:04:09 user info kernel: br0: port 5(wl0) entering forwarding state
Aug 17 22:15:49 user warn kernel: wp1=00 wp2=3c

Errors:

Aug 17 21:04:56 user alert kernel: Intrusion -> IN=ppp0.1 OUT= MAC= SRC=61.167.199.232 DST=41.133.15.178 LEN=48 TOS=0x18 PREC=0x00 TTL=106 ID=48476 PROTO=TCP SPT=27043 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0 MARK=0x8000000
Aug 17 21:16:19 user alert kernel: Intrusion -> IN=ppp0.1 OUT= MAC= SRC=123.151.42.61 DST=41.133.15.178 LEN=40 TOS=0x18 PREC=0x00 TTL=44 ID=0 DF PROTO=TCP SPT=22202 DPT=1723 WINDOW=8192 RES=0x00 SYN URGP=0 MARK=0x8000000

Still a bit of newbie, just generally use the default setting on the router and never checked the logs before.

krieg · Aug 18, 2013

The user, warn, kernel, alert is all different logs. wl0 is wireless card, br0 is your lan port, ppp0 is your ppp profile.

AceTechDS · Aug 18, 2013

thanks Krieg, for the information, much appreciated, still learning when it comes router config, just trying to secure my home network

krieg · Aug 18, 2013

Best way to learn is to hack at your network. You can also view your logs through a syslog server on your PC. This will allow you to see the changes as you change things. Also google reaver, it's an example of a very successful exploit that works on a lot of routers.

Router Logs

AceTechDS

Active Member

krieg

Expert Member

AceTechDS

Active Member

krieg

Expert Member