1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. DG824M
    5. /
  5. 16
Page 76 / 154 Scroll up to view Page 71 - 75
Reference Manual for the Model DG824M Wireless ADSL Modem Gateway
5-10
Managing Your Network
Viewing, Selecting, and Saving Logged Information
The gateway will log security-related events such as denied incoming service requests, hacker
probes, and administrator logins. If you enabled content filtering in the Block Sites menu, the Logs
page shows you when someone on your network tried to access a blocked site. If you enabled
e-mail notification, you'll receive these logs in an e-mail message. If you don't have e-mail
notification enabled, you can view the logs here. An example is shown below.
Figure 5-7: Security Logs menu
Page 77 / 154
Reference Manual for the Model DG824M Wireless ADSL Modem Gateway
Managing Your Network
5-11
Log entries are described in
Table 5-1
Log action buttons are described in
Table 5-8
Selecting What Information to Log
Besides the standard information listed above, you can choose to log additional information. Those
optional selections are as follows:
All incoming and outgoing traffic
Attempted access to blocked site
Connections to the Web-based interface of this Router
Table 5-1.
Security Log entry descriptions
Field
Description
Date and Time
The date and time the log entry was recorded.
Description or
Action
The type of event and what action was taken if any.
Source IP
The IP address of the initiating device for this log entry.
Source port and
interface
The service port number of the initiating device, and whether it
originated from the LAN or WAN
Destination
The name or IP address of the destination device or website.
Destination port
and interface
The service port number of the destination device, and whether
it’s on the LAN or WAN.
Table 5-8:
Security Log action buttons
Field
Description
Refresh
Click this button to refresh the log screen.
Clear Log
Click this button to clear the log entries.
Send Log
Click this button to email the log immediately.
Apply
Click this button to apply the current settings.
Cancel
Click this button to clear the current settings.
Page 78 / 154
Reference Manual for the Model DG824M Wireless ADSL Modem Gateway
5-12
Managing Your Network
Router operation (start up, get time, etc.)
Known DoS attacks and Port Scans
Saving Log Files on a Server
You can choose to write the logs to a PC running a syslog program. To activate this feature, check
the box under Syslog and enter the IP address of the server where the log file will be written.
Examples of log messages
Following are examples of log messages. In all cases, the log entry shows the timestamp as:
Day,
Year-Month-Date
Hour:Minute:Second
Activation and Administration
Tue, 2002-05-21 18:48:39 - NETGEAR activated
[This entry indicates a power-up or reboot with initial time entry.]
Tue, 2002-05-21 18:55:00 - Administrator login successful - IP:192.168.0.2
Thu, 2002-05-21 18:56:58 - Administrator logout - IP:192.168.0.2
[This entry shows an administrator logging in and out from IP address 192.168.0.2.]
Tue, 2002-05-21 19:00:06 - Login screen timed out - IP:192.168.0.2
[This entry shows a time-out of the administrator login.]
Wed, 2002-05-22 22:00:19 - Log emailed
[This entry shows when the log was emailed.]
Dropped Packets
Wed, 2002-05-22 07:15:15 - TCP packet dropped - Source:64.12.47.28,4787,WAN -
Destination:134.177.0.11,21,LAN - [Inbound Default rule match]
Sun, 2002-05-22 12:50:33 - UDP packet dropped - Source:64.12.47.28,10714,WAN -
Destination:134.177.0.11,6970,LAN - [Inbound Default rule match]
Sun, 2002-05-22 21:02:53 - ICMP packet dropped - Source:64.12.47.28,0,WAN -
Destination:134.177.0.11,0,LAN - [Inbound Default rule match]
[These entries show an inbound FTP (port 21) packet, UDP packet (port 6970), and ICMP
packet (port 0) being dropped as a result of the default inbound rule, which states that all
inbound packets are denied.]
Page 79 / 154
Reference Manual for the Model DG824M Wireless ADSL Modem Gateway
Managing Your Network
5-13
Enabling Security Event E-mail Notification
In order to receive logs and alerts by e-mail, you must provide your e-mail information in the
E-Mail subheading:
Turn e-mail notification on
Check this box if you wish to receive e-mail logs and alerts from the gateway.
Your outgoing mail server
Enter the name or IP address of your ISP’s outgoing (SMTP) mail server (such as
mail.myISP.com). You may be able to find this information in the configuration menu of your
e-mail program. If you leave this box blank, log and alert messages will not be sent via e-mail.
Send to this e-mail address
Enter the e-mail address to which logs and alerts are sent. This e-mail address will also be used
as the From address. If you leave this box blank, log and alert messages will not be sent via
e-mail.
You can specify that logs are automatically sent to the specified e-mail address with these options:
Page 80 / 154
Reference Manual for the Model DG824M Wireless ADSL Modem Gateway
5-14
Managing Your Network
Send alert immediately
Check this box if you would like immediate notification of a significant security event, such as
a known attack, port scan, or attempted access to a blocked site.
Send logs according to this schedule
Specifies how often to send the logs: Hourly, Daily, Weekly, or When Full.
Day for sending log
Specifies which day of the week to send the log. Relevant when the log is sent weekly or
daily.
Time for sending log
Specifies the time of day to send the log. Relevant when the log is sent daily or weekly.
If the Weekly, Daily or Hourly option is selected and the log fills up before the specified
period, the log is automatically e-mailed to the specified e-mail address. After the log is sent,
the log is cleared from the gateway’s memory. If the gateway cannot e-mail the log file, the log
buffer may fill up. In this case, the gateway overwrites the log and discards its contents.

Rate

3.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top