Probably similar to my mother's response when she found out Dad's last bit
of advice as I was leaving for boot camp - "If you dip the wick don't
dribble any wax." - which I made even worse by laughing at her ...
My father died when I was little** but one of the last things my
motehr said before I went off to college was, The girl has more to
lose than the boy does by getting pregnant so it's at least half her
responsibility not to get pregnant.
But a couple years later when it came up that I had had sex with
girls, she sounded disapproving. Huh? So what did your advice
mean? I don't remember if I reminded her of what she's said.
**And my uncle had a total of one conversation more than 2 sentences
with me from the time I was 10, when we moved to his city, until 18,
and that was by accident. Even less in other years.
Have you edited your log, here? Are there other activities not shown?
Do you see just these sporadic accesses?
(your) LAN (is being) access(ed) from a remote device. The first address
listed in each of these lines (the one that is NOT 192.168.1.5) represents
the "remote" device. The device on *your* LAN is the second address
Chances are, it's a DHCP assigned IP address. If <whatever> doesn't
reconnect to the router within the lease time, the IP address may get
reallocated to some other device. 192.168/16 (i.e., 192.168.xxx.yyy)
is a private network address -- damn near everyone here is using
the same address (but *behind* a router/NATd of some sort). So,
the IP addresses of all of your "computers" will be in that same
Most routers will provide a (DHCP?) page that show where the current
IP addresses that *it* has doled out are being used. (I suspect
"Attached Devices" in your router).
This is the DHCP request *from* the F8:D0:AC:B1:D4:A3 device being satisfied by
the router with the issuance/renewal of a lease (usually good for 24 hours;
longer if the device renews the request) on the IP address 192.168.1.5
You want to look at the IP's in question. As 9000 is not a privileged
port, it's possible any application can be using it, friend or foe:
If you feel ambitious, you can install a rule to block inbound/outbound
connections to/from that port and see if <something> that you WANT
suddenly stops working. Probably under "Security"?
That's an excerpt only but those were the only messages listed with the
prefix of "[LAN access from remote]".
At the moment, there are no "attached devices" with the DHCP IP
address of 192.168.1.5, and the log file doesn't say which device
in the house was 192.168.1.5 on that day.
But, looking at the log file, at some point thereafter, the
IP address of 192.168.1.5 was the MAC address which is the
I can't tell, from the log, what device had the DHCP given
address of 192.168.1.5 on the day of the attack.
The router shows "attached devices" but it doesn't show
I thought I'd look at my log, for the first time in 8 years. The
only wireless device I use is a printer.
Dec/21/2015 18:59:18 DHCP lease IP 192.168.0.106 to
Dec/21/2015 18:59:09 DHCP lease IP 192.168.0.106 to
Dec/21/2015 18:59:04 DHCP lease IP 192.168.0.106 to
Dec/20/2015 05:20:07 DHCP lease IP 192.168.0.102 to Dennis-Iphone-2
Dec/20/2015 05:20:06 DHCP lease IP 192.168.0.102 to Dennis-Iphone-2
So who is Dennis? 5 in the morning? That's my time, right? or GMT?
Dec/20/2015 05:20:05 Wireless PC connected 70-3E-AC-DE-14-94
Dec/19/2015 23:51:38 Wireless PC connected A4-EE-57-E3-09-E4
Whose is this wireless PC? I have one, but haven't used it in weeks.
Dec/19/2015 21:48:06 DHCP Request success 192.168.1.46
Dec/19/2015 21:48:06 DHCP Request 192.168.1.46
Dec/19/2015 15:16:58 DHCP lease IP 192.168.0.100 to EPSONE309E4
Dec/19/2015 10:13:04 DHCP lease IP 192.168.0.102 to Dennis-Iphone-2
Dec/19/2015 10:13:02 DHCP lease IP 192.168.0.102 to Dennis-Iphone-2
The Epson is my printer. I was probably printing the crossword
puzzle. But more Dennis!
Dec/19/2015 10:13:02 Wireless PC connected 70-3E-AC-DE-14-94
Dec/19/2015 07:51:01 DHCP lease IP 192.168.0.105 to
I have a cell phone that runs android, but I don't think I've had it
on in the house on the 19th. I haven't tried to connect to wifi with
it for a year or more.
Could something like this cause interruptions in my internet, which I
get sometimes? The router light for the jack I use flickers all the
time, but sometimes no data gets dl'd. I have DSL.
Dec/16/2015 15:12:23 DHCP lease IP 192.168.0.103 to Tiyes-Iphone-2
Dec/16/2015 08:49:25 Wireless PC connected A4-EE-57-E3-09-E4
Dec/16/2015 06:25:38 Wireless PC connected A4-EE-57-E3-09-E4
Dec/16/2015 05:27:09 Wireless PC connected A4-EE-57-E3-09-E4
Dec/16/2015 05:26:17 Wireless PC connected A4-EE-57-E3-09-E4
Dec/13/2015 20:22:09 Wireless PC connected A4-EE-57-E3-09-E4
Dec/13/2015 20:21:49 Wireless PC connected A4-EE-57-E3-09-E4
Dec/13/2015 12:27:17 DHCP lease IP 192.168.0.103 to Tiyes-Iphone-2
Dec/13/2015 12:27:16 Wireless PC connected 20-A2-E4-E7-81-36
Dec/09/2015 08:06:17 DHCP lease IP 192.168.0.106 to Sharlenes-iPad
To send myself the log it asks for SMTP Server / IP Address .
Does that mean the smtp server is enough, or do I need its IP address
too, which I don't know?
Help says "SMTP Server - The address of the SMTP (Simple Mail Transfer
Protocol) server that will be used to send the logs." but I haven't
gotten the email I sent yet, and I should have by now.
I saw the send-log command, but I just copy-and-pasted my
router log into a text file on the computer.
1. While looking at the router log file from within your browser:
Control-A to select all
Control-C to copy
2. Then paste that into any open text file:
Control-V to paste
I tried that but it highlighted the whole page, not just the data.
So it was easier to use to the cursor to choose what to highlight.
My firmware is almost 11 years old. Maybe D-Link has refined it by
Plus there are 20 pages of data, each requiring separate copying, so I
was hoping to get all 20 pages in one email.
And that includes only System Activity, Attacks, and Notice, not Debug
Information and Dropped Packets.
Later I will check those to see what shows up.
In any browser session, you can also use "control F" and then type
in what you're looking for.
Then select just that which you found.
F3 moves to the next find.
Shift F3 moves backward to the previous find.
Well, I just googled and there is something called
SMTP Server / IP Address
How to Find My SMTP Server IP Address
Click "Start," then "Run" and type "cmd" in the box that appears.
Press enter. A command window will appear.
Type "ping," a space and then the name of your SMTP Server. For
example, type "ping smtp.server.com" and press "Enter." The window
will then try to contact the SMTP server by the IP address. It will
say, "Pinging x.x.x.x with 32 bytes of data." The "x.x.x.x" will be
the SMTP server's IP address.
So I'm debating whether I should put [ ] around the number and then it
turns out, even without the [ ] there isn't enough room for the
entire number!! Even thnough it's the standard length 3,2,3,3 = 11
plus 3 dots. So I removed the smtp value and put only the IP
address, and sent it, and that didnt' work either.
I just logged into my Netgear WNDR3400v2 router, and went to the
advanced tab of Administration > Logs
It says on top of the window what time it "thinks" it is:
Current Time: Wednesday, Dec 23,2015 08:03:08
Looking at the clock, that's the local time in my time zone.
Mine doesn't show the time anywhere, but if yours shows the current
time, that's good enough for me.
I noticed that because some families have so many wireless devices,
they've redesigned routers and now many are 100 to 200 dollars. That
means I should be able to get a 2-year old one cheap. Actually I
bought cheap at a hamfest what I thought was identical, and only
noticed a year later that it was a router like mine but without the
wireless part. Now is a bad time to try it because every day I may
wish to print the crossword.
I figured out a way to verify the time zone, and that's to watch the
log for a new event, or to create a new event, like by trying to send
an email (since I have all 5 kinds of events checked now).
So I did that a couple hours ago and the time that showed in the log
was 7 minutes later than the current time!
I went out for a couple hours and when I tried it just now, the time
the log showed was 11 minutes later than the current time.
Put that in your pipe and smoke it.
The current time was my computer which has maybe never been wrong, but
I checked it with my atomic clock, satellite clock whatever it is.
So, how was it 7 minutes later in the log than in reality? Later
meaning it had not yet reached that time.
And why did that change to 11 minutes?
I found the answer to this, where the computer boys play.
The router has its own clock, which can be wrong, like anything else.
To keep it correct, it has two possibilities.
Automatic (Automatic time update with pre-defined NTP servers or
enter customized NTP)
Manual is the alternative, but I have Automatic checked.
I don't have anything in the customized NTP field and I have the
interval for Automatic as 24 hours, the default, so that lets it get
wronger and wronger for 24 hours until it gets corrected.
If the log were important, I could set the interval at as little as
one hour. (it goes up to 72.) But I'll let it stay at 24. I'm glad
to know how it can be wrong, when other times are a lot closer.
It's a shame I can't use this to peer into the future.
There is what appears to be an iPhone connecting to your router.
You can look up the first half of the MAC address (the OUI) to see
what kind of device it appears to be from:
Denis' MAC address is the following:
The organizationally unique part is the first half:
That indeed is an Apple device OUI:
703EAC indeed resolves to "Apple, Inc."
HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.