cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Hub Two - Firmware Update - Firewall Log

poshrat
Dabbler
Posts: 15
Thanks: 1
Registered: ‎24-12-2012

Hub Two - Firmware Update - Firewall Log

‎23-05-2022 5:41 PM

Home Hub One would log / show firewall activity regarding inbound blocked attempts etc. 

Home Hub Two does not appear to have this log information. 

Please can this be added in the next firmware update. 

It is important to be able to check for deliberate and persistent attacks especially as I have a static IP.  So if for example some Russian/other party were trying to look / try exploits (and possibly succeed) we need to know so we can take the appropriate actions.

This is possibly best answered by Bob Pullen Smiley 

Message 1 of 8
(1,134 Views)
Reply
0 Thanks
7 REPLIES 7
jab1
Legend
Posts: 17,111
Thanks: 5,493
Fixes: 255
Registered: ‎24-02-2012

Re: Hub Two - Firmware Update - Firewall Log

‎24-05-2022 7:43 AM

@poshrat I don't know, because I don't use a Hub2, but is it not possible to select a category on this screen?:-

4.Hub2 eventlog.png

John
Message 2 of 8
(1,076 Views)
Reply
0 Thanks
dvorak
Moderator
Moderator
Posts: 29,503
Thanks: 6,627
Fixes: 1,483
Registered: ‎11-01-2008

Re: Hub Two - Firmware Update - Firewall Log

‎24-05-2022 7:55 AM

Yeah, it's the same categories as the hub1 as far as I can tell.
Customer / Moderator
If it helped click the thumb
If it fixed it click 'This fixed my problem'
Message 3 of 8
(1,069 Views)
Reply
Dan_the_Van
Aspiring Hero
Posts: 2,564
Thanks: 1,162
Fixes: 73
Registered: ‎25-06-2007

Re: Hub Two - Firmware Update - Firewall Log

‎24-05-2022 8:02 AM - edited ‎24-05-2022 8:03 AM

I think the complaint is are the messages being reported in the event log, the Hub One reports inbound block attempts, which I did not see when I used my Hub Two as a modem/router, I did see DoS(Port Scanning) and  DoS(Spoofing) messages

Dan

Message 4 of 8
(1,065 Views)
Reply
poshrat
Dabbler
Posts: 15
Thanks: 1
Registered: ‎24-12-2012

Re: Hub Two - Firmware Update - Firewall Log

‎24-05-2022 9:09 AM

That is correct.

Whilst you can select which category to choose ALL, MDW, WAN, PPP, LAN, WIFI, USB, QUOS, MCST, BOOT, GUI, IP, DHCP and SLAAC, BTN,TR69, FRWL, DNS and FRMU. 

FRWL is I believe the Firewall Log.  Here you can see DoS events and Port Scanning, UDP loopback you can not see the likes of Remote Login attempt events, blocks and others that I used to see on Hub One. 

Also some of the log acronyms are a little cryptic / lack obvious meaning - most are OK.

I've established:

BTN = Button pressed event on router

But

MDW = ?

MCST = ? multicast ?

FRMU = ? looks like firmware update log

 

Message 5 of 8
(1,047 Views)
Reply
0 Thanks
Dan_the_Van
Aspiring Hero
Posts: 2,564
Thanks: 1,162
Fixes: 73
Registered: ‎25-06-2007

Re: Hub Two - Firmware Update - Firewall Log

‎24-05-2022 11:07 AM

With the Hub One I found the number of BLOCK messages an annoyance as I really needn't need to know the firewall is working whilst enabled. But seeing port forwarding rules accepting inbound connections is important as that is where the danger exists.
Dan
Message 6 of 8
(1,035 Views)
Reply
0 Thanks
bobpullen
Community Gaffer
Community Gaffer
Posts: 16,887
Thanks: 4,979
Fixes: 316
Registered: ‎04-04-2007

Re: Hub Two - Firmware Update - Firewall Log

‎24-05-2022 11:19 AM

The Hub Two does display accepted port forwarding traffic I believe.

Being pragmatic, it's unlikley much effort will be expended to make the logging any more verbose than it currently is.

If there's something on your network that is accessible from the Internet and requires constant monitoring/protecting, then I'd strongly suggest relying on the logging/defense capability offered by the server/service/your network, rather than the events captured by a consumer router/modem. 

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Message 7 of 8
(1,030 Views)
Reply
poshrat
Dabbler
Posts: 15
Thanks: 1
Registered: ‎24-12-2012

Re: Hub Two - Firmware Update - Firewall Log

‎24-05-2022 11:59 AM

OK and thanks Bob, and Dan. 

Understand your point Bob.  I was pointing out I guess a loss of logging function compared to Hub One. 

FYI all the PCs on my network are directly firewall protected.  Only two PCs can access each other over the network and both have userid and PW protection.  What I can't control/protect are all these modern smart TVs  etc. and should the router be breached then they are available for exploit.  

I have no servers or other kit with open ports awaiting connections.  Only exception to this would be a Netgear R7000 router which is not currently being used which has a VPN function hence my static IP. 

I guess I/we just have to hope the Plusnet/BT keep the Hub 2 router updated with patches for known security issues.  Likewise for all their older models OR replace FOC older PlusNet provided routers. 

That is a potential issue with all ISP provided kit in that unlike other kit one can not get security CVE info and patches.   

 

 

 

Message 8 of 8
(1,015 Views)
Reply
0 Thanks