WinGate Forums

[mcb]

Hey Gaters,

Below I have copied a paragraph from the Wingate Help file.

"Intrusion Logging. You are instantly alerted to any intrusion attempts or suspicious activity with a WinGate system log message (see Port Security).
© Qbik New Zealand Limited 2001"

I have a question regarding what actually is the "instant alert" and how you configure.

What i would like to do:

Have some alert that can tell me when an unknown IP address has made it on my internal network. Say that i am using the traditional internal class C subnet, how do i set it to alert when WAN IP's have become part of the network. And when i mean alert it is usually hepful that have something that comes to you instead of the vice of the verse.

Is there some scheme that i could set up in "Port security, IP Blackhole or Policies" that would accomplish this?

Thanks,

Matt

[Pascal]

From what I can see in the helpfile that refers to the ability to notify yourself when the port range is accessed. So in your case, I don't think that will do what you like.

However, NetPatrol could be well suited for that. It is an Intrusion Detection System and has a good array of logging, notification, etc. features. It is available on a trial license.

[genie]

Moreover, NetPatrol is able to communicate with Wingate so that if the potential intrustion is detected, NetPatrol automatically blocks the offender for the certain period of time and issues a warning, which can be delivered via email to the administrator.