How to monitor wlan for intruders?

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
View previous topic :: View next topic  
Author Message
Kaosports
DD-WRT Novice


Joined: 12 Apr 2018
Posts: 1
PostPosted: Thu Apr 12, 2018 3:26    Post subject: How to monitor wlan for intruders? Reply with quote
Howto monitor wlan for intruders?

Is the a program that can do that

Thanks CJ

See more of our service:
Kaosports Children's Basketball Center: https://kaosports.vn/
https://goo.gl/kzVRxA
Best basketball school location: https://goo.gl/TSZVg4

Last edited by Kaosports on Tue May 22, 2018 8:38; edited 1 time in total
Back to top View user's profile Send private message
Sponsor
lazardo
DD-WRT User


Joined: 17 Apr 2014
Posts: 140
Location: SF Bay Area
PostPosted: Thu Apr 12, 2018 6:04    Post subject: Reply with quote
GUI: Security -> Firewall Protection: Enable + Apply Settings

No intruders, but you can see them being blocked:

GUI: Status -> Syslog
or
ssh <your_router> "grep DROP /var/log/messages"

Cheers,
Back to top View user's profile Send private message
jwh7
DD-WRT Guru


Joined: 25 Oct 2013
Posts: 2670
Location: Indy
PostPosted: Thu Apr 12, 2018 16:25    Post subject: Re: How to monitor wlan for intruders? Reply with quote
Kaosports wrote:
Howto monitor wlan for intruders?

Is the a program that can do that
Monitor if someone is trying to connect (as addressed by lazardo), or is already connected? For the latter, check the Status->Wireless 'Clients' list.
_________________
# NAT/SFE/CTF: limited speed w/ DD # Repeater issues # DD-WRT info: FAQ, Builds, Types, Modes, Changes, Demo #
OPNsense x64 5050e ITX|DD: DIR-810L, 2*EA6900@1GHz, R6300v1, RT-N66U@663, WNDR4000@533, E1500@353,
WRT54G{Lv1.1,Sv6}@250|FreshTomato: F7D8302@532|OpenWRT: F9K1119v1, RT-ACRH13, R6220, WNDR3700v4
Back to top View user's profile Send private message
mac913
DD-WRT Guru


Joined: 02 May 2008
Posts: 1848
Location: Canada
PostPosted: Thu Apr 12, 2018 16:35    Post subject: Reply with quote
lazardo wrote:
GUI: Security -> Firewall Protection: Enable + Apply Settings

No intruders, but you can see them being blocked:

GUI: Status -> Syslog
or
ssh <your_router> "grep DROP /var/log/messages"

Cheers,


I did a telnet to router and the command didn't work using this command worked....
cat /var/log/messages |grep DROP

To check for warnings in the logs...
cat /var/log/messages |grep .warn
_________________
Home Network on Telus 1Gb PureFibre - 10GbE Copper Backbone
2x R7800 - Gateway & WiFi & 3xWireGuard - DDWRT r53562 Std k4.9
Off Site 1
R7000 - Gateway & WiFi & WireGuard - DDWRT r54517 Std
E3000 - Station Bridge - DDWRT r49626 Mega K4.4
Off Site 2
R7000 - Gateway & WiFi - DDWRT r54517 Std
E2000 - Wired ISP IPTV PVR Blocker - DDWRT r35531

YAMon 3.4.6 | DNSCrypt-Proxy V2
Back to top View user's profile Send private message
lazardo
DD-WRT User


Joined: 17 Apr 2014
Posts: 140
Location: SF Bay Area
PostPosted: Mon Apr 16, 2018 17:25    Post subject: Reply with quote
mac913 wrote:
lazardo wrote:
GUI: Security -> Firewall Protection: Enable + Apply Settings

No intruders, but you can see them being blocked:

GUI: Status -> Syslog
or
ssh <your_router> "grep DROP /var/log/messages"

Cheers,


I did a telnet to router and the command didn't work using this command worked....
cat /var/log/messages |grep DROP

To check for warnings in the logs...
cat /var/log/messages |grep .warn

Attention to detail.
Code:
~$ ssh dd-wrt "nvram get os_version; grep DROP /var/log/messages" | head -3
33492
Apr 16 16:48:44 dd-wrt kern.warn kernel: DROP IN=vlan2 OUT= MAC=78:24:af:20:02:4c:00:01:5c:63:fc:46:08:00:45:96:55:e1 SRC=108.237.246.19 DST=24.6.184.178 LEN=588 TOS=0x00 PREC=0x20 TTL=52 ID=0 DF PROTO=UDP SPT=30000 DPT=64598 LEN=568
Apr 16 16:48:44 dd-wrt kern.warn kernel: DROP IN=vlan2 OUT= MAC=78:24:af:20:02:4c:00:01:5c:63:fc:46:08:00:45:20:01:79 SRC=108.237.246.19 DST=24.6.184.178 LEN=377 TOS=0x00 PREC=0x20 TTL=52 ID=0 DF PROTO=UDP SPT=30000 DPT=64598 LEN=357

Cheers,
Back to top View user's profile Send private message
al_c
DD-WRT Guru


Joined: 13 Apr 2013
Posts: 2134
Location: Ottawa Canada
PostPosted: Mon Apr 30, 2018 3:11    Post subject: Re: How to monitor wlan for intruders? Reply with quote
Kaosports wrote:
Howto monitor wlan for intruders?

Is the a program that can do that

Thanks CJ

Perhaps too little too late but on the plus side, YAMon (https://www.dd-wrt.com/phpBB2/viewtopic.php?t=314467 or http://usage-monitoring.com) shows a list of all devices connecting to your network...

However on the downside, if the intruders appear in the YAMon reports it means you've already been compromised...
Back to top View user's profile Send private message Visit poster's website
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum