[Dshield] SpeedStream 4200 Syslog Method

Robert D. weaver at denstarfarm.us
Fri Feb 17 03:52:40 GMT 2006

Go to http://WallWatcher.com and get the
downloadable Log Capture tool at 
this will sit and collect anything running on port 514, count them,
store them in a file if you need to submit them to WW for protcol work
to include your router.

Goto http://www.gabrielstrong.com for SpeedStream5200FTP.zip, a geeky
neat way to tell the router you will login with Admin and use a
password of Admin, or whatever. The Author: Gabriel Strong, quite
clever little tool for this.

Go here: http://www.chiark.greenend.org.uk/~sgtatham/putty/ for a telnet client

first start the telnet. get it ready to hit "OK" just as soon as
speadstream-5200-ftp is done. The 4200 I have times herself out in
about 40, or so, seconds so the telnet client goes away that fast. I
entered a URL of into it.

Start the 5200-ftp and enter the mac address for the router and the
interface. You could try ipconfig /all for starters ... into the boxes
then hit OK

now start the Telnet from above that you prepared to be totally ready for
the " OK" button to be pressed.

Login should appear ... if it does not, look for things such as
browser running or http'd into the browser interface ..... a "no no"

when you get login ... type whatever you did in the initial
speedstream5200 program. [admin/admin maybe]

at the >XSH
type cfg slog{ip=    <crlf>
type cfg save    <crlf>

Above: there is an "{"key, not a mistake. make all characters touch,
no spaces in between. I made several attempts before I got it right.

kill the program.
reboot the 4200.
Start up the Wallwatcher Log Capture program to see if port 514 is
incrementing the counter. Mine did right away.

Thanks to Dr. Olds from BroadBand Reports Forums and to Todd Hixon
from the DShield Forums for starting me in the right direction.

Frobozz of Zork (the great underground empire)

"You are in a twisty little corridor of passages all alike" 



Robert D.

More information about the list mailing list