DSL Intelligence
Lisa Kachold
lisakachold at obnosis.com
Tue Sep 30 15:52:44 MST 2008
Hmmm?
Looks like I have some OpenSwan Boot log information in my "honeypot" router log?
Scratch head! Except HO-NOOOS! I don't believe they setup any certs for me?
Since my router manufacturer doesn't use OpenSwan, I suppose these "brownie" helpers probably also broke my 1000 HT ethernet driver (it only connects at 100) which started the HTB whining about the upsteam bandwidth [see the HCB logs].
Reference: http://zedomax.com/blog/2006/08/25/diy-hack-your-linksys-router-to-get-more-bandwidth-and-play-w-linux/
[Laugh! Course it's not that kind of LinkSys.....]
Guess I will just have to use the Web Based Interface to tftp wget the originating source logs out and set it up again right?
Honeypot usually only catching silly Chinese DoS packets.....[snore...] this is a horse of a different color?
All Log
Type:
Sep 30 14:20:50 - [Access Log]O UDP Packet - 192.168.1.100:54411 --> 68.105.28.11:53
Sep 30 14:20:50 - [Access Log]O UDP Packet - 192.168.1.100:52972 --> 68.105.29.11:53
Sep 30 14:20:50 - [Access Log]O UDP Packet - 192.168.1.100:52972 --> 68.105.28.11:53
Sep 30 14:20:51 - [VPN Log]: shutting down
Sep 30 14:20:51 - IPSEC EVENT: KLIPS device ipsec0 shut down.
Sep 30 14:20:51 - [Access Log]O UDP Packet - 192.168.1.100:59093 --> 68.105.28.11:53
Sep 30 14:20:52 - [Access Log]O UDP Packet - 192.168.1.100:59093 --> 68.105.29.11:53
Sep 30 14:20:53 - [VPN Log]: Starting Pluto (Openswan Version cvs2006Jan12_11:29:56 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OE at ECqImzhFD)
Sep 30 14:20:53 - [VPN Log]: @(#) built on Sep 3 2007:16:44:42:
Sep 30 14:20:53 - [VPN Log]: Setting NAT-Traversal port-4500 floating to on
Sep 30 14:20:53 - [VPN Log]: port floating activation criteria nat_t=1/port_fload=1
Sep 30 14:20:53 - [VPN Log]: including NAT-Traversal patch (Version 0.6c)
Sep 30 14:20:53 - [VPN Log]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Sep 30 14:20:53 - [VPN Log]: starting up 1 cryptographic helpers
Sep 30 14:20:53 - [VPN Log]: started helper pid=1785 (fd:5)
Sep 30 14:20:53 - [VPN Log]: Using KLIPS IPsec interface code on 2.4.27-star
Sep 30 14:20:53 - [VPN Log]: Changing to directory '/etc/ipsec.d/cacerts'
Sep 30 14:20:53 - [VPN Log]: Changing to directory '/etc/ipsec.d/aacerts'
Sep 30 14:20:53 - [VPN Log]: Changing to directory '/etc/ipsec.d/ocspcerts'
Sep 30 14:20:53 - [VPN Log]: Changing to directory '/etc/ipsec.d/crls'
Sep 30 14:20:53 - [VPN Log]: Warning: empty directory
Sep 30 14:20:53 - HTB init, kernel part version 3.16
Sep 30 14:20:53 - HTB init, kernel part version 3.16
Sep 30 14:20:53 - [Access Log]O UDP Packet - 192.168.1.100:59093 --> 68.105.28.11:53
Sep 30 14:20:53 - HTB: quantum of class 10001 is big. Consider r2q change.
Sep 30 14:20:54 - HTB: quantum of class 10001 is big. Consider r2q change.
Sep 30 14:20:54 - HTB: quantum of class 10010 is big. Consider r2q change.
Sep 30 14:20:54 - HTB: quantum of class 10010 is big. Consider r2q change.
Sep 30 14:21:02 - ipsec0: no IPv6 routers present
Sep 30 14:21:23 - Configuration changed!
References:
http://www.wi-fiplanet.com/tutorials/article.php/3562391
(503)754-4452 Blackberry || Obnosis.com
________________________________
Laugh hard at this MSN Footer
_________________________________________________________________
Stay up to date on your PC, the Web, and your mobile phone with Windows Live.
http://clk.atdmt.com/MRT/go/msnnkwxp1020093185mrt/direct/01/
More information about the PLUG-discuss
mailing list