[Dshield] SpeedStream 4200 & Syslog

Robert D. weaver at denstarfarm.us
Wed Feb 15 19:33:52 GMT 2006

This is a post I am replying to by copying off a web mirror ... I have
NOT been rx-ing ANY DShield list messages.

> Or are you saying that you have a packet sniffer and are not seeing
> any UDP activity on the port for Syslog on your network?  In that 
> case, I think you will probably need to seek out vendor support on 
> the issue, unless somebody else on list has the device to which you 
> refer in their environment.

I use Ethereal and see no port traffic. I also use a WallWatcher
gimmie that monitors both 162 and 514 to see if there is any traffic.
514 being the usual port for some program to dump info into the Syslog
stream. I tested "LogCapture" by sending raw junk to 514 ... it works.

The 4200 is advertised as dumping firewall into 514. I would then use
Kiwi or WW to read and analyze and dump to DShield.

Nothing comes out of the 4200. There is a pretty hefty bunch of things
one can alter in the setup area but none seem to be appropriate to
turn on log-output to syslog port(s).

As I said at the top, I am not getting any List traffic and it is not
being blocked here. I found that you replied when I was doing a Google
search on 4200 & syslog a few minutes ago.

However, I am still desperate to figure this out .... Oh, Alltel did
nothing to the box, nor has it altered. It **ought** to work IF
Siemens is not lying (mistaken) about it.

I emailed them but no one seems to want to answer such a technical
question (hah).


Robert D.

