FiOS Router User Manual
02/11/09
111
© 2008 Verizon. All Rights Reserved.
6.10 Security Log
The security log displays a list of firewall-related events, including attempts
to establish inbound and outbound connections, attempts to authenticate
at an administrative interface (MegaControl Panel or Telnet terminal), firewall
configuration, and system start-up.
To access the security log, select Security Log from any Security screen. The “Security Log” screen appears.
6.10a Time
The time (based on the FiOS Router’s date and time settings) the event occurred.
6.10b Event
There are five kinds of events listed in the system log:
Inbound Traffic - a result of an incoming packet.
Outbound Traffic - a result of an outgoing packet.
Firewall Setup - configuration message.
WBM Login - a user logged in to WBM.
CLI Login - a user logged in to the command line interface via Telnet.
6.10c Event-Type
Displays a textual description of the event.
6.10d Details
The “Details” column displays more information about the packet or the event,
such as protocol, IP addresses, ports, etc. The following are the available event
types that can be recorded in the security log:
Firewall internal - an event from the firewall's internal mechanism; when this event-type is recorded, an accompanying explanation is added.
Firewall status changed - the firewall changed status from up to down or vice versa, as specified in the event type description.
STP packet - an STP (Spanning Tree Protocol) packet has been accepted/rejected.
Illegal packet options - the options field in the packet’s header is either illegal or forbidden.
Fragmented packet - a fragment has been rejected.
WinNuke protection - a WinNuke attack has been blocked.
ICMP replay - an ICMP (Internet Control Message Protocol) replay message has been blocked.
ICMP redirect protection - an ICMP redirected message has been blocked.
Packet invalid in connection - an invalid connection packet has been blocked.
ICMP protection - a broadcast ICMP message has been blocked.
Broadcast/Multicast protection - a packet with a broadcast/multicast source IP has been blocked.
Spoofing protection - a packet from the Internet with a source IP belonging to the local network has been blocked.
DMZ network packet - a packet from a demilitarized zone network has been blocked.
Trusted device - a packet from a trusted device has been accepted.
Default policy - a packet has been accepted/blocked according to the default policy.
Remote administration - a packet designated for FiOS Router management has been accepted/blocked.
Access control - a packet has been accepted/blocked because of an access control rule.
Parental control - a packet has been blocked because of parental control.
NAT out failed - NAT failed for this packet.
DHCP request - the FiOS Router sent a DHCP request (depends on the distribution).
DHCP response - the FiOS Router received a DHCP response (depends on the distribution).
DHCP relay agent - a DHCP relay packet has been received (depends on the distribution).
IGMP packet - an IGMP packet has been accepted.
Multicast IGMP connection - a multicast packet has been accepted.
PPTP connection - a packet inquiring whether the FiOS Router is ready to receive a PPTP connection has been accepted.
AUTH:113 request - an outbound packet for AUTH protocol has been accepted (for maximum security level).
IPV6 over IPV4 - an IPv6 over IPv4 packet has been accepted.
ARP - an ARP packet has been accepted.
PPP Discover - a PPP discover packet has been accepted.
PPP Session - a PPP session packet has been accepted.
802.1Q - an 802.1Q (VLAN) packet has been accepted.
Outbound Auth1X - an outbound Auth1X packet has been accepted.
IP Version 6 - an IPv6 packet has been accepted.
Router initiated traffic - all traffic the FiOS Router initiates is recorded.
Maximum security enabled service - a packet has been accepted because it belongs to a permitted service in the maximum security level.
SynCookies Protection - a SynCookies packet has been blocked.
ICMP Flood Protection - a packet has been blocked, stopping an ICMP flood.
UDP Flood Protection - a packet has been blocked, stopping a UDP flood.
Service - a packet has been accepted because of a certain service, as specified in the event type.
Advanced Filter Rule - a packet has been accepted/blocked because of an advanced filter rule.
Fragmented packet, header too small - a packet has been blocked because, after defragmentation, the header was too small.
Fragmented packet, header too big - a packet has been blocked because, after defragmentation, the header was too big.
Fragmented packet, bad align - a packet has been blocked because, after defragmentation, the packet was badly aligned.
Fragmented packet, packet too big - a packet has been blocked because, after defragmentation, the packet was too big.
Fragmented packet, packet exceeds - a packet has been blocked because, after defragmentation, the packet exceeded.
Fragmented packet, no memory - a fragmented packet has been blocked because there is no memory for fragments.
Fragmented packet, overlapped - a packet has been blocked because, after defragmentation, there were overlapping fragments.
Defragmentation failed - the fragment has been stored in memory and blocked until all fragments have arrived and defragmentation can be performed.
Connection opened - debug message regarding connection.
Wildcard connection opened - debug message regarding connection.
Wildcard connection hooked - debug message regarding connection.
Connection closed - debug message regarding connection.
Echo/Chargen/Quote/Snork protection - a packet has been blocked due to Echo/Chargen/Quote/Snork protection.
First packet in connection is not a SYN packet - a packet has been blocked due to a TCP connection that started without a SYN packet.
Error: No memory - a new connection has not been established because of lack of memory.
NAT Error: connection pool is full. No connection created - a connection has not been created because the connection pool is full.
NAT Error: No free NAT IP - no free NAT IP, so NAT has failed.
NAT Error: Conflict Mapping already exists - a conflict occurred because the NAT mapping already exists, so NAT failed.
Malformed packet: Failed parsing - a packet has been blocked because it is malformed.
Passive attack on ftp-server: Client attempted to open Server ports - a packet has been blocked.
FTP port request to 3rd party is forbidden (Possible bounce attack) - a packet has been blocked.
Firewall Rules were changed - the firewall rule set has been modified.
User authentication - a message arrived during login time, including both successful and failed authentication.
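
A triage sketch for the event types listed above, added here as an example and not taken from the manual or the router's firmware: it groups event types and pairs each "Firewall Rules were changed" entry with the most recent WBM or CLI login. The tab-separated export layout, the timestamp format, the grouping, the 15-minute window and the sample rows are assumptions.

```python
import csv, io
from collections import Counter
from datetime import datetime, timedelta

# Event-type names are copied from the manual's list; the grouping is this example's own.
GROUPS = {
    "blocked_attack": {"Spoofing protection", "WinNuke protection", "ICMP Flood Protection",
                       "UDP Flood Protection", "SynCookies Protection",
                       "Echo/Chargen/Quote/Snork protection"},
    "resource": {"Error: No memory", "NAT Error: No free NAT IP", "Fragmented packet, no memory"},
    "config_change": {"Firewall Rules were changed", "Firewall status changed"},
    "auth": {"User authentication"},
    "debug": {"Connection opened", "Connection closed", "Wildcard connection opened",
              "Wildcard connection hooked"},
}
LOGIN_EVENTS = {"WBM Login", "CLI Login"}  # values of the Event column
TIME_FORMAT = "%Y-%m-%d %H:%M:%S"          # assumed timestamp layout

def parse(text):
    """Read tab-separated rows of Time, Event, Event-Type, Details (assumed export layout)."""
    rows = [{"time": datetime.strptime(t, TIME_FORMAT), "event": ev, "type": ty, "details": d}
            for t, ev, ty, d in csv.reader(io.StringIO(text), delimiter="\t")]
    return sorted(rows, key=lambda r: r["time"])

def group_of(event_type):
    return next((g for g, names in GROUPS.items() if event_type in names), "other")
def summarize(rows):
    return Counter(group_of(r["type"]) for r in rows)

def attribute_rule_changes(rows, window=timedelta(minutes=15)):
    """Pair each rule change with the latest login logged within `window` before it."""
    findings, last_login = [], None
    for r in rows:
        if r["event"] in LOGIN_EVENTS:
            last_login = r
        elif r["type"] == "Firewall Rules were changed":
            recent = last_login is not None and r["time"] - last_login["time"] <= window
            findings.append((r["time"], last_login["event"] if recent else "unattributed"))
    return findings

# Constructed sample rows (documentation addresses), not output from a real router.
SAMPLE = "\n".join([
    "2009-02-11 09:58:02\tCLI Login\tUser authentication\tfrom 192.0.2.10",
    "2009-02-11 10:01:30\tFirewall Setup\tFirewall Rules were changed\trule set modified",
    "2009-02-11 10:05:00\tInbound Traffic\tSpoofing protection\tTCP 192.168.1.20:1025->192.168.1.1:80",
    "2009-02-11 10:05:01\tInbound Traffic\tUDP Flood Protection\tUDP 198.51.100.7:53->203.0.113.4:4000",
    "2009-02-11 11:30:00\tFirewall Setup\tFirewall Rules were changed\trule set modified",
])
print(summarize(parse(SAMPLE)), attribute_rule_changes(parse(SAMPLE)))
```

A rule change reported as "unattributed" has no login entry inside the window and is the one to review first.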
