republican-creole
site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

US Telco Support > Verizon > Verizon Fiber Optics > Strange router log entries

Search Topic:
 Uniqs:
2802		 Share Topic
Posting?
Post a:
Post a:
Links: ·FiOS Map ·Vz FiOS FAQ ·General Fiber Optics ·Vz FiOS Monitors ·Submit a FAQ
AuthorAll Replies


Twonkies

@verizon.net

Strange router log entries

So I just got Fios, I posted here like a week ago, about switching from comcast cable to fios, your replies helped alot in the decision i made, which I am happy with
The TV service is great, and the internet is fast (much faster then cable), the install guy was nice

But today i decided to look through all the router settings, I needed to forward some ports that were forwarded on my old router

While looking through these settings, i found the security log, so i thought id take a look, and heres what i got:

quote:
Jul 4 00:22:01 2009 Firewall Info User authentication success Username: admin

Jul 4 00:21:51 2009 Firewall Info User authentication failure Invalid password. Username: admin

Jul 4 00:48:48 2009 Firewall Setup Configuration change WBM user Unknown (0.0.0.0) has changed security settings[repeated 3 times, last time on Jul 4 00:49:50 2009]

Jul 3 19:06:37 2009 Firewall Info User authentication success Username: admin

Jul 3 18:52:33 2009 Firewall Setup Configuration change WBM user Unknown (0.0.0.0) has changed security settings[repeated 3 times, last time on Jul 3 18:54:59 2009]

Jul 3 18:33:04 2009 Firewall Setup Configuration change WBM user admin (192.168.1.5) has changed security settings[repeated 6 times, last time on Jul 3 18:52:16 2009]

Jul 3 17:39:26 2009 Firewall Info User authentication success Username: admin[repeated 2 times, last time on Jul 3 18:28:15 2009]

Jul 3 16:25:11 2009 Firewall Setup Configuration change WBM user Unknown (0.0.0.0) has changed security settings[repeated 7 times, last time on Jul 3 17:34:10 2009]

Jul 3 15:31:05 2009 Firewall Info User authentication success Username: admin

Jul 3 14:10:44 2009 Firewall Setup Configuration change WBM user Unknown (0.0.0.0) has changed security settings[repeated 2 times, last time on Jul 3 15:01:42 2009]

Jul 3 14:09:35 2009 Firewall Info User authentication success Username: admin

Jul 3 14:07:17 2009 Firewall Setup Firewall status changed enabled

Jul 3 14:07:16 2009 System Log Message The system is UP!
The WBM user Uknown is what im worried about, the admin's are me (the failed pass was me to cause im so used to my old pass)

At first I thought it was the fios guy, using his special thing to configure stuff, but its on there after the fios guy left, including today, and the router hasnt been shut off since it was first started up yesterday, so there would be no reboot settings changes

Also i have another wireless user on the network, the name is new-host, today its new-host2, it was there when the fios guy was here (after he set up the first computer i looked at some of the router settings) so i assumed it was him, but it was still there even after he left, but since it was there almost as soon as the router was up i figured it was just part of the network some how

Device information doesnt give alot of info on it, and testing the connectivity to it fails every time, so i thought it was some sort of glitch, but now the security changes from an unknown user has me wondering

Is new-host and the unknown security changes normal?

Router Info-
Model: MI424WR-GEN2 (rev E)
Firmware: 20.9.0

Also, how can you change the admin pass, i looked every where but cant find it
to forum · permalink · 2009-07-04 01:25:36 ·


birdfeedr
Premium,MVM
join:2001-08-11
Warwick, RI
kudos:5
1 edit

Take a look at this thread. »[northeast] Log From My Router - I'm Curious and Concerned It does not come to a conclusion, but it explains some things that might help you interpret what you see.

If it was me, I'd power off the router for a few seconds, then power back on. That will start the log fresh and you'll see every entry that you made happen. I'd also turn off UPnP, which is on by default. Unless you use applications which rely on it. It's not concluded in that thread, but I'd venture a good guess your log entry is what you'd get as a result of UPnP activity.

Changing your password is a great idea. Install tech probably set it to password1 as part of his SOP. You can change it in Advanced / Users / edit the entry

FWIW, this may be a slightly different version of your message.
Jul 3 20:13:51 2009 Firewall Setup Configuration change Internal application has changed security settings

[edit to add source]From a Rev.A Actiontec with 10.0.11.6 firmware.

to forum · permalink · 2009-07-04 06:12:31 ·


Twonkies

@verizon.net

It might be UPnP, if thats the way upnp changes are shown in the log

I changed the pass for admin

Since I just got the router it was probably just setting up for some of the stuff I use, when I used it
I forgot about UPnP

Im probably just worrying about nothing, but Ill keep a close eye on it

Thanks alot for all your help

to forum · permalink · 2009-07-04 08:51:02 ·
Forums > US Telco Support > Verizon > Verizon Fiber Optics

Sunday, 03-Jun 04:42:24 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online © 1999-2012 dslreports.com.
Most commented news this week
Hot Topics