NetGear N150 router syslogging
I have set up my NetGear N150 wireless router to send it's log to my rsyslog server where the logs are appended to /var/log/messages.
The web interface mentions that you can filter which events to log via a couple of checkboxes. Fine. It also states that it will log common denial of service attacks and port scanning.
The thing is since this has never happened to me, I don't know what strings in the logs to look for.
Ideally I'd like to set up a script to filter out these events and email me if these type of events are found. Presumably, there are some set strings the router logs for this sort of event - does anyone have any experience of what these strings might be or how I find out? The only documentation I've found are simple set up guides for the router rather than technical documentation of the types and functionality of the logging and in-built security mechanisms for NetGear routers.
Any help guys?
Last edited by arashi256; 04-11-2012 at 04:59 PM.