Wireless-N ADSL2+ Modem Router DGN2000 Reference Manual

4-12

Managing Your Network

v1.0, July 2008

Log entries are described in the following table.

Log action buttons are described in the following table.

Selecting What Information to Log

Besides the standard information that is listed in the previous two tables, you can choose to log

additional information. Those optional selections are as follows:

•

Attempted access to blocked sites

•

Connections to the Web-based interface of the modem router

•

Router operation (start up, get time, and so on).

•

Known DoS attacks and port scans

Table 4-4.

Security Log Entry Descriptions

Field

Description

Date and time

The date and time the log entry was recorded.

Description or

action

The type of event and what action was taken, if any.

Source IP

The IP address of the initiating device for this log entry.

Source port and

interface

The service port number of the initiating device, and whether it

originated from the LAN or WAN.

Destination

The name or IP address of the destination device or website.

Destination port and

interface

The service port number of the destination device, and whether it is on

the LAN or WAN.

Table 4-5.

Security Log Action Buttons

Field

Description

Refresh

Refresh the log screen.

Clear Log

Clear the log entries.

Send Log

E-mail the log immediately.

Apply

Apply the current settings.

Cancel

Clear the current settings.

Wireless-N ADSL2+ Modem Router DGN2000 Reference Manual

Managing Your Network

4-13

v1.0, July 2008

Saving Log Files on a Server

You can choose to write the logs to a computer running a syslog program. To activate this feature,

select

Broadcast on LAN

, or enter the IP address of the server where the syslog file will be

written.

Examples of Log Messages

Following are examples of log messages. In all cases, the log entry shows the time stamp as

day, year-month-date hour:minute:second.

Activation and Administration

Tue, 2006-05-21 18:48:39 - NETGEAR activated

[This entry indicates a power-up or reboot with initial time entry.]

Tue, 2006-05-21 18:55:00 - Administrator login successful -

IP:192.168.0.2

Thu, 2006-05-21 18:56:58 - Administrator logout - IP:192.168.0.2

[This entry shows an administrator logging in and out from IP address 192.168.0.2.]

Tue, 2006-05-21 19:00:06 - Login screen timed out - IP:192.168.0.2

[This entry shows a time-out of the administrator login.]

Wed, 2006-05-22 22:00:19 - Log emailed

[This entry shows when the log was e-mailed.]

Dropped Packets

Wed, 2006-05-22 07:15:15 - TCP packet dropped -

Source:64.12.47.28,4787,WAN - Destination:134.177.0.11,21,LAN - [Inbound

Default rule match]

Sun, 2006-05-22 12:50:33 - UDP packet dropped -

Source:64.12.47.28,10714,WAN - Destination:134.177.0.11,6970,LAN -

[Inbound Default rule match]

Sun, 2006-05-22 21:02:53 - ICMP packet dropped -

Source:64.12.47.28,0,WAN - Destination:134.177.0.11,0,LAN - [Inbound

Default rule match]

[These entries show an inbound FTP (port 21) packet, a User Datagram Protocol (UDP) packet

(port 6970), and an Internet Control Message Protocol (ICMP) packet (port 0) being dropped as a

result of the default inbound rule, which states that all inbound packets are denied.]

Wireless-N ADSL2+ Modem Router DGN2000 Reference Manual

4-14

Managing Your Network

v1.0, July 2008

Enabling Security Event E-mail Notification

To receive logs and alerts by e-mail, you must provide your e-mail information in the E-mail

screen and specify which alerts you would like to receive and how often. In the main menu, under

Security, select

E-mail

. The E-mail screen displays.

The E-mail screen allows you to make the following selections:

•

Turn E-mail Notification On

. Select this check box if you want to receive e-mail logs and

alerts from the modem router.

•

Send To This E-mail Address

. Enter the e-mail address to which logs and alerts are sent. This

e-mail address will also be used as the From address. If you leave this field blank, log and alert

messages are not via e-mail.

Figure 4-9

Wireless-N ADSL2+ Modem Router DGN2000 Reference Manual

Managing Your Network

4-15

v1.0, July 2008

•

Outgoing Mail Server

. Enter the name or IP address of your ISP’s outgoing (SMTP) mail

server (such as mail.myISP.com). You might be able to find this information in the

configuration settings of your e-mail program. Enter the e-mail address to which logs and

alerts are sent. This e-mail address is also used as the From address. If you leave this field

blank, log and alert messages are not sent by e-mail.

•

My Mail Server requires authentication

.If you use an outgoing mail server provided by

your current ISP, you do not need to select this field. If you use an e-mail account that is not

provided by your ISP, select this field, and enter the required user name and password

information.

•

Send E-Mail alerts immediately

.

Select the corresponding check box if you would like

immediate notification of a significant security event, such as a known attack, port scan, or

attempted access to a blocked site.

•

Send Logs According to this Schedule

.

Specifies how often to send the logs: Hourly, Daily,

Weekly, or When Full.

–

Day for sending log

Specifies which day of the week to send the log. Relevant when the log is sent weekly.

–

Time for sending log

Specifies the time of day to send the log. Relevant when the log is sent daily or weekly.

If the Weekly, Daily or Hourly option is selected and the log fills up before the specified

period, the log is automatically e-mailed to the specified e-mail address. After the log is sent, it

is cleared from the modem router’s memory. If the modem router cannot e-mail the log file,

the log buffer might fill up. In this case, the modem router overwrites the log and discards its

contents.

Running Diagnostic Utilities and Rebooting the Wireless

Modem Router

The modem router has a diagnostics feature. You can use the Diagnostics screen to perform the

following functions from the modem router:

•

Ping an IP address to test connectivity to see if you can reach a remote host.

•

Perform a DNS lookup to test if an Internet name resolves to an IP address to verify that the

DNS server configuration is working.

•

Display the Routing table to identify what other modem routers the modem router is

communicating with.

Wireless-N ADSL2+ Modem Router DGN2000 Reference Manual

4-16

Managing Your Network

v1.0, July 2008

•

Reboot the modem router to enable new network configurations to take effect or to clear

problems with the modem router’s network connection.

In the main menu, under Maintenance, select

Diagnostics

to display the following screen.

Configuring Remote Management

Using the Remote Management screen, you can allow a user or users on the Internet to configure,

upgrade, and check the status of your modem router.

Figure 4-10

Note:

Be sure to change the modem router’s default password to a very secure password.

The ideal password should contain no dictionary words from any language, and

should be a mixture of letters (both upper case and lower case), numbers, and

symbols. Your password can be up to 30 characters.