IDS and Logging Question

[imported_seven]

Hello all as usual.

For thinkin outside the box on pentesting. After i have cracked my WEP ( i need to get more computers and routers, cracking the same one is boring haha but good practice and training ) I thought that if i logged into my router and Port triggered certain ports then it would be easy for me to leave a foothold on my servers ( only 2 for now )

Now my question is, ( well im at work right now and this idea just hit me so i cant practice it yet or dl the router brute-forcer )
Can a host IDS detect router bruteforcing? Is there and IDS you can put on the router? Also are there logs on the router that can be viewed to see failed login attempts?

merci

-seven

p.s i need a fancy tag like xploitz!! lol

[Eristic]

Hello all as usual.

For thinkin outside the box on pentesting. After i have cracked my WEP ( i need to get more computers and routers, cracking the same one is boring haha but good practice and training ) I thought that if i logged into my router and Port triggered certain ports then it would be easy for me to leave a foothold on my servers ( only 2 for now )

Now my question is, ( well im at work right now and this idea just hit me so i cant practice it yet or dl the router brute-forcer )
Can a host IDS detect router bruteforcing? Is there and IDS you can put on the router? Also are there logs on the router that can be viewed to see failed login attempts?

merci

-seven

p.s i need a fancy tag like xploitz!! lol

I think what you're looking for is a firewall that you can place in front of the router. CISCO sells a router IDS security bundle. It will definately log brute force attempts. The router itself has logs but typically only show network activity, not login attempts. If you have a Linksys WRT54 router, you can update the firmware to something like Sveasoft, DD-WRT, OpenWRT, or HyperWRT which may suit your needs.

p.s. you could make your own fancy tag too