Go | New | Find | Notify | Tools | Reply |
Nullus Anxietas |
TL;DR: If you don't know what you're about, tech-/networking-wise, probably best to replace anything that's one of the 45 NetGear devices listed in the The Register article below. Yes, this is that bad. If you are tech-savvy, and you know the web interface isn't accessible from the Internet, and you know your WiFi network is relatively secure: You probably needn't panic, but you should replace the unsupported equipment as soon as feasible, anyway. "Live proof-of-concept code" means Bad Guys will have exploit scripts ready to go soon, if they don't already, and will be scanning the 'net looking for vulnerable devices. Make no mistake: They will find them.
Full article: If you own one of these 45 Netgear devices, replace it: Kit maker won't patch vulnerable gear despite live proof-of-concept code Relevant NetGear Support Article: Security Advisory for Multiple Vulnerabilities on Some Routers, Mobile Routers, Modems, Gateways, and Extenders CERT Vulnerability Note: Netgear httpd upgrade_check.cgi stack buffer overflow - Vulnerability Note VU#576779 "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | ||
|
Nullus Anxietas |
Bump for those who may have missed it, being as I posted it very late last night. "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | |||
|
Thank you Very little |
Thanks, checked mine, not on the hot list of out of service, version on mine shows updated to the latest driver/firmware revision | |||
|
The One True IcePick |
Stuff like this are why I encourage people to consider pfSense for their home firewalls. The initial price is higher but they are supported for much longer. You also have to buy an access point (or turn your old wireless router into one) Netgate pfSense systems I purchased in 2013 are still receiving free patches. | |||
|
Member |
Thanks, checked mine not on the list. Living the Dream | |||
|
Drill Here, Drill Now |
Thanks! Mine is not on the list and double checked that I'm running the latest firmware. I'm holding onto my wifi router in hopes real 5G (i.e. not the half-assed version being falsely advertised now) comes to my neighborhood. Ego is the anesthesia that deadens the pain of stupidity DISCLAIMER: These are the author's own personal views and do not represent the views of the author's employer. | |||
|
Nullus Anxietas |
The problem with pfsense and the like, eyrich, is they tend not to be particularly non-tech-user-friendly. And where do users go for tech support? Web forums? Have you seen what happens to annoyed non-tech-savvy end-users who go to such places for clueless newbie support? It often ain't pretty. Besides: Infinite updates only matter if people actually, you know, update--which, evidence indicates, few do. I'd like to add: I still use a limited amount of NetGear ProSafe product, but only in cases where I can't find equivalent, or better, prosumer-or-better gear at roughly the same price/performance point. I'm not particularly enamored of NetGear. "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | |||
|
Political Cynic |
I have an AC1900 - not on the list | |||
|
Member |
Amen to both. I inherited a Netgate pfsense at my office. Extremely feature-rich, but a very steep learning curve. I've been configuring Linux firewalls; some are a piece of cake, some are more complex, but if I had to do it all over again, I'd have no qualms getting pfsense. Years ago, I had an old LinkSys WRT54G router. Then I came across an article titled, "How to turn your $60 router into a $600 router" using DD-WRT software. I followed the directions, and then for six or seven years, I had a great, secure router. When I moved, I had to use my new ISP's hardware. DD-WRT is still available. It's FREE. They have a database of supported routers, Netgear among them. So, you may not have to toss out your hardware just yet... You can't truly call yourself "peaceful" unless you are capable of great violence. If you're not capable of great violence, you're not peaceful, you're harmless. NRA Benefactor/Patriot Member | |||
|
Member |
Question. My current router is a Netgear WNDR3700v2. Per the list of routers in your post, I see the WNDR3700v3 listed as one of the 45 affected routers. Does that mean my older v2 is unaffected? I don't wish to assume anything here. ----------------------------- Guns are awesome because they shoot solid lead freedom. Every man should have several guns. And several dogs, because a man with a cat is a woman. Kurt Schlichter | |||
|
Member |
Can you tech savvy people help us non-tech savvy folks out? I need some translations into simple English. I have one of the routers on the list. 1. Internet comes in to house via cable. Connects to cable modem. I connect the router to the cable modem. All devices in the house connect to the router via hardwire or wifi. Does this help mitigate risk or not? 2. What happens if my router gets attacked? What can a hacker do? 3. What's a parity or better router company model? Recommendations for replacement router - sounds like this is not netgears first rodeo and they have a series of security issues. I usually buy routers at Costco. Currently they only have Netgear and another company (TP-Link Archer?). Should I just keep my router for a few more month until wifi 6e routers are available? Cross TP-Link off the list - PRC company. Dlink? Cisco/Linksys? Apple? "Wrong does not cease to be wrong because the majority share in it." L.Tolstoy "A government is just a body of people, usually, notably, ungoverned." Shepherd Book | |||
|
Shit don't mean shit |
Thanks for posting this. My 2 year old Netgear router is NOT on the list. I did need to update my firmware for it though. | |||
|
Member |
So just how old are these "outside the security support period" devices? If it ain't woke... don't fix it. | |||
|
Member |
Bought mine in 2018 "Wrong does not cease to be wrong because the majority share in it." L.Tolstoy "A government is just a body of people, usually, notably, ungoverned." Shepherd Book | |||
|
Nullus Anxietas |
Wise not to assume. My suspicion, based upon an abundance of caution, would be that it would be affected, but the only way to know for sure would be to contact NetGear. It might be the v2 uses a different architecture entirely and is indeed unaffected.
It does NOT
Very little they could not do. I could go on for paragraph-upon-paragraph describing ways in which you and the rest of the Internet could be exploited by that happening. Here's two: They redirect things to places of their choosing, which, in turn, gives your network answers to bogus sites that look real. You go to a site, enter your login credentials, they throw up a realistic error page suggesting you typed you password wrong or something, then refresh you, via a redirect, to the legitimate site. They now have your login credentials and you have no clue. They install a 'bot (short for "robot") on your router, that listens to a command-and-control (C&C) node somewhere on the Internet. Somebody wants to hurt a business, financial, or government installation. Botnet operator sells or rents them the botnet that includes your router. Your router takes part in a DDoS (Distributed Denial of Service) attack. (Subsequently, your ISP notices or is appraised of what "you" are doing and shuts off your Internet connection.) They turn off what (often) minimal firewalling protection your router gave you, giving them open access to your entire LAN and everything connected to it. These are not "Chicken Little" scenarios. They happen. They happen a lot. You should see my daily log analyses of attack attempts from the 'net. And that's just summaries of things that could possibly be exploited. I don't even bother to look at attempts that cannot possibly succeed.
That, too, could take paragraphs. And I'm not a good resource, cuz I tend to got with higher-end, more powerful hardware, that is not very user-friendly for non-tech-savvy types at all.
Nearly everybody has security issues from time-to-time. It's how they handle them that's important, here, and NetGear is abandoning their customers and hurting the Internet as a whole thereby. "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | |||
|
You'll Shoot Your Eye Out! |
Thanks for posting this. I looked a little and one of the affected routers that a family member has is still being sold by Netgear on Amazon. Odd https://www.amazon.com/NETGEAR...DR3400/dp/B0041LYY6K | |||
|
Member |
well I have the WNDR4500v2 router that's on the list. We're on a fiber optic network and don't have a modem. So, guessing I need to replace it, the question becomes with what? | |||
|
Member |
What about DSL modem/routers. Can I trust them to protect my network or do I need a router behind it | |||
|
member |
I really don't know if they can be trusted or not, but I always assume not. My VDSL modem/router device is neutered. It does only one thing, it is a modem. Routing, DHCP, Wi-fi, and DNS are offloaded to dedicated devices designed to perform those functions well. I would use the same network design plan no matter what the ISP connection device is. All-in-one devices usually do one thing well, and the rest is added on for end-user convenience. "Wi-fi routers" become simply routers in my world. I don't buy them anyway, but if I had to use one, it would be neutered same as my VDSL modem. When in doubt, mumble | |||
|
Member |
The router I had prior to current one was a Netgear. Was nothing but trouble, poor performance and security issues. I replaced it with an Asus RT-AC3200 which immediately got flashed with Advanced Tomato firmware (basically a full-feature GUI overlaid on Tomato by Shibby). It hasn't been updated in two years, and this year botnets have started targeting Tomato-flashed devices. The exploit is predicated on default credentials and remote administration being on. I have neither. When this one finally gives up the ghost, I'll be back on DD-WRT looking for a newer unit from their supported list. | |||
|
Powered by Social Strata | Page 1 2 |
Please Wait. Your request is being processed... |