Old 08-07-2020, 20:51   #1
Graffiti
Quiet Professional
 
Graffiti's Avatar
 
Join Date: Jul 2012
Location: Free America
Posts: 38
Passive router home security

How do I log the mac address of devices my wifi router 'handshakes' with but doesn't actually connect with?

Can it be done with bluetooth as well?

Not looking to be nefarious but seems like a good addition to my layered home security.
__________________
"You and I know and do not believe that life is so dear and peace so sweet as to be purchased at the price of chains and slavery."
Graffiti is offline   Reply With Quote
Old 08-08-2020, 05:42   #2
(1VB)compforce
Guerrilla Chief
 
(1VB)compforce's Avatar
 
Join Date: Mar 2004
Location: Atlanta
Posts: 502
What brand of router?

It's different in different models. Most of them you have to go to advanced or diagnostics and turn on logging (syslog). There are some tools out there to help parse the logs. They tend to be very tedious to read by hand.

The console commands for a router running Cisco's OS are:

archive
log config
logging enable
notify syslog contenttype plaintext
hidekeys
logging on
logging 192.168.1.1
login block-for 60 attempts 3 within 60
login on-failure log every 1
login on-success log every 1
(1VB)compforce is offline   Reply With Quote
Old 08-12-2020, 21:06   #3
Graffiti
Quiet Professional
 
Graffiti's Avatar
 
Join Date: Jul 2012
Location: Free America
Posts: 38
Its a linksys WRT router

I havent reflashed the firmware for openWRT but assume I should to be able to do this...
__________________
"You and I know and do not believe that life is so dear and peace so sweet as to be purchased at the price of chains and slavery."

Last edited by Graffiti; 08-12-2020 at 21:14.
Graffiti is offline   Reply With Quote
Old 08-13-2020, 03:39   #4
(1VB)compforce
Guerrilla Chief
 
(1VB)compforce's Avatar
 
Join Date: Mar 2004
Location: Atlanta
Posts: 502
Quote:
Originally Posted by Graffiti View Post
Its a linksys WRT router

I havent reflashed the firmware for openWRT but assume I should to be able to do this...
The only thing I know of that is available on Linksys is the security log under Troubleshooting->Log in the web admin pages.

I have a Linksys WRT router myself. I screwed around a bit to see what I could find, but Linksys apparently doesn't do consoles any more. The router does have telnet open (TCP port 23), but it refuses all connections on both public and private interfaces.

I've never had to worry about it because I don't have WiFi enabled. My network is wired only and behind a Cisco ASA firewall with separate physical segments for different purposes.

I'm not a fan of reflashing to open source. If you do, all support goes away.
You are reduced to begging for answers in their forums if you have an issue.
(1VB)compforce is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump



All times are GMT -6. The time now is 04:34.



Copyright 2004-2022 by Professional Soldiers ®
Site Designed, Maintained, & Hosted by Hilliker Technologies