Choose your cart
Choose your cart
Receive up to $500 promo credit ($180 w/Welcome Unlimited, $360 w/ 5G Start, or $500 w/5G Do More, 5G Play More, 5G Get More or One Unlimited for iPhone plan (Welcome Unlimited and One Unlimited for iPhone plans can't be mixed w/other Unlimited plans; all lines on the account req'd on respective plans)) when you add a new smartphone line with your own 4G/5G smartphone on an eligible postpaid plan between 12/23/22 and 2/16/23. Promo credit applied over 36 months; promo credits end if eligibility requirements are no longer met. Excludes Verizon Prepaid plans.
$699.99 (128 GB only) device payment purchase or full retail purchase w/ new smartphone line on One Unlimited for iPhone (all lines on account req'd on plan), 5G Start, 5G Do More, 5G Play More or 5G Get More plan req'd. Less $699.99 promo credit applied over 36 mos.; promo credit ends if eligibility req’s are no longer met; 0% APR.
Hi Team,
I have a sketchy Chinese IP camera, a Dericam.
For security, I've identified it's MAC address, and told my firewall to block all outgoing traffic. Firewall is built into my Verizon router Fios-G1100. I made a network object, and added the MAC address of the Dericam, then said block all traffic to/from internet.
How can I generate a security log, if the Dericam attempts to make an outside connection?
thanks
Carl
Solved! Go to Correct Answer
You can log blocked connection attempts by going to Firewall > Security Logs > Settings > Check relevant categories.
You need to check the log at a different place by going to System Monitoring > System Logging > Firewall Log.
Here is an example of the log entry with interpretations.
Red box: IN: in-bound interface, br-lan stands for bridged LAN (including 4 port switch, wireless APs, and coax). OUT: out-bound interface, eth1 stands for the WAN Ethernet interface.
Green underlined: MAC address of router (48:5d:36 is the OUI of Verizon Business).
Orange underlined: MAC address of device initiating connection (could be your IP camera).
SRC: source IP address
DST: destination IP address
TTL: time to live. A small number means the packet passed over too many routers. The packet likely comes from oversea sources.
PROTO: next encapsulation protocol. Could be TCP, UDP, ICMP, or even AH and ESP for VPN traffic.
SPT: source port.
DST: destination port. From the port number you can identify the application layer protocol such as HTTP/HTTPs, SSH, FTP, or even ISAKMP for IPsec VPN key exchange.
If you are too worried, you can even set up a Syslog server to receive the logs generated by G1100.
You can log blocked connection attempts by going to Firewall > Security Logs > Settings > Check relevant categories.
You need to check the log at a different place by going to System Monitoring > System Logging > Firewall Log.
Here is an example of the log entry with interpretations.
Red box: IN: in-bound interface, br-lan stands for bridged LAN (including 4 port switch, wireless APs, and coax). OUT: out-bound interface, eth1 stands for the WAN Ethernet interface.
Green underlined: MAC address of router (48:5d:36 is the OUI of Verizon Business).
Orange underlined: MAC address of device initiating connection (could be your IP camera).
SRC: source IP address
DST: destination IP address
TTL: time to live. A small number means the packet passed over too many routers. The packet likely comes from oversea sources.
PROTO: next encapsulation protocol. Could be TCP, UDP, ICMP, or even AH and ESP for VPN traffic.
SPT: source port.
DST: destination port. From the port number you can identify the application layer protocol such as HTTP/HTTPs, SSH, FTP, or even ISAKMP for IPsec VPN key exchange.
If you are too worried, you can even set up a Syslog server to receive the logs generated by G1100.