[Dshield] SpeedStream 4200 & Syslog
weaver at denstarfarm.us
Wed Feb 15 19:33:52 GMT 2006
This is a post I am replying to by copying off a web mirror ... I have
NOT been rx-ing ANY DShield list messages.
> Or are you saying that you have a packet sniffer and are not seeing
> any UDP activity on the port for Syslog on your network? In that
> case, I think you will probably need to seek out vendor support on
> the issue, unless somebody else on list has the device to which you
> refer in their environment.
I use Ethereal and see no port traffic. I also use a WallWatcher
gimmie that monitors both 162 and 514 to see if there is any traffic.
514 being the usual port for some program to dump info into the Syslog
stream. I tested "LogCapture" by sending raw junk to 514 ... it works.
The 4200 is advertised as dumping firewall into 514. I would then use
Kiwi or WW to read and analyze and dump to DShield.
Nothing comes out of the 4200. There is a pretty hefty bunch of things
one can alter in the setup area but none seem to be appropriate to
turn on log-output to syslog port(s).
As I said at the top, I am not getting any List traffic and it is not
being blocked here. I found that you replied when I was doing a google
search on 4200 & syslog a few minutes ago.
However, I am still desperate to figure this out .... Oh, Alltel did
nothing to the box, nor has it altered. It **ought** to work IF
Siemens is not lying (mistaken) about it.
I emailed them but no one seems to want to answer such a technical
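
The collector-side check described in the post (confirm the receive path works, then watch for silence from the device), as an added example that is not part of the original message. All function names and the sample line are constructed for illustration, and the self-test uses an ephemeral loopback port rather than 514 so it runs without privileges.

```python
import socket

# Constructed sample in RFC 3164 style: PRI 134 = facility 16 (local0), severity 6 (info).
SAMPLE = b"<134>Feb 15 19:33:52 gateway firewall: constructed test line"

def parse_pri(datagram):
    """Return (facility, severity, rest), or None when there is no valid
    '<PRI>' prefix (for example raw junk sent only to prove the port is open)."""
    if not datagram.startswith(b"<"):
        return None
    end = datagram.find(b">", 1, 5)          # PRI is one to three digits
    if end == -1 or not datagram[1:end].isdigit():
        return None
    pri = int(datagram[1:end])
    if pri > 191:                            # highest valid value: 23 * 8 + 7
        return None
    return pri >> 3, pri & 7, datagram[end + 1:].decode("ascii", "replace")

def open_collector(host="127.0.0.1", port=0):
    """Bind a UDP socket; use host '0.0.0.0' and port 514 to watch a real device."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((host, port))
    return sock

def wait_for_datagram(sock, timeout=2.0):
    """Return (source_ip, payload), or None if nothing arrives before the timeout."""
    sock.settimeout(timeout)
    try:
        data, addr = sock.recvfrom(2048)
    except socket.timeout:
        return None
    return addr[0], data

def self_test():
    """Send one sample line to our own collector, then confirm the socket goes quiet."""
    collector = open_collector()
    sender = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        sender.sendto(SAMPLE, ("127.0.0.1", collector.getsockname()[1]))
        received = wait_for_datagram(collector)
        silence = wait_for_datagram(collector, timeout=0.2)
    finally:
        sender.close()
        collector.close()
    return received, silence

if __name__ == "__main__":
    print(self_test())
```

If the self-test passes but a collector bound to port 514 still times out while the device is generating firewall events, the gap is on the sending side rather than in the listener.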