D&C GLug - Home Page


Re: [LUG] Netgear Router

 

On 09/11/17 19:48, Neil wrote:

> I suppose, since I have had this router for nearly four years, I could
> always get a new, and hopefully better, one. Or are they all as bad as
> each other?

The vast majority of SOHO modem/router boxes, especially ones tinkered
with by ISPs, are absolutely terrible in terms of security, yes. There
are exceptions and reflashing your router with an open-source distro can
definitely help but you might as well assume the entire class of
products is unfit for purpose. Put a "proper" firewall/gateway unit in
between your router and your network and cripple the router to make it
as "dumb" as possible - this usually entails putting it into modem mode
rather than router mode if possible, disabling all functionality, remote
admin interfaces, radio activity, the lot.

Your router however is such a piece of crap it probably is due for
replacement urgently - it has more holes in it than a sieve and if you
haven't patched it for years you can pretty much just breeze through to
completely compromising it in a couple of minutes. And so can anyone
else. Here are two more insta-pwns:

https://www.exploit-db.com/exploits/31617/

https://www.rapid7.com/db/modules/auxiliary/admin/http/netgear_soap_password_extractor

Ouch.

Cheers
-- 
The Mailing List for the Devon & Cornwall LUG
https://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq