Jump to content

Welcome to Netduma Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. If you already have an account, login here - otherwise create an account for free today!
Photo

Emerging Threats Blocking


  • Please log in to reply
4 replies to this topic

#1
SHANE523

SHANE523

    Member

  • Members
  • PipPip
  • 22 posts
  • Local time: 04:28 PM

I am coming from an EdgeRouter so bare with me.

 

With the EdgeMax we could script and use CLI for some setup. Before I purchased the XR500 I was monitoring my EdgeRouter using PRTG and noticed a lot of probing from Russia and China which got me to think I need to just block those IP blocks. There is no "easy" way to do this in any interface but someone had written a script to do this, it was a lightweight and I set mine up to run every couple of days through a cron job.

 

Is there a way something like this could be implemented for NetDuma?

 

Here is the site we used in the script to get the Emerging Threat IP addresses.

https://iplists.firehol.org/

 

 

Attached Files



#2
Netduma Fraser

Netduma Fraser

    Tech & Customer Support

  • Administrators
  • 18,307 posts
  • Local time: 10:28 PM

I could be wrong but I would say that the demand isn't there for most users. It's a gaming router with gaming features, it's not meant to have advanced features such as this that 99% of people wouldn't touch. As I say I could be wrong, if the demand was there that could be something the development team would look into but it's unlikely at this stage. Cool concept though for sure.


Twitter/Facebook/YouTube/Twitch/Instagram/Steam Group/Discord

 

Official R1 Support Times: 10am - 6pm BST

World Clock

Official DumaOS/XR500 Support Times: 12pm - 2am BST



If you're having Settings or Hardware issues with the XR500 please go here and login to get the number for Netgear's 24/7 support line: http://support.netgear.com/


#3
SHANE523

SHANE523

    Member

  • Members
  • PipPip
  • 22 posts
  • Local time: 04:28 PM

Yes it is a gaming router but it also acts as your network firewall. If it wasn't, why have NAT, UPnP and so on, just let everything through?

 

I would also think that there isn't a single person that has a router wouldn't want threats blocked before they could even attempt a hack.

I don't want to speculate on what users use on their networks, most may use nothing that they access from outside their home but I know more and more people are with security systems, cameras, media servers, SAN devices and so on. Those ports are typically forwarded which means those ports can be probed as open and someone can try and access the device. My personal experience is China probing port 3389 which is NOT a good thing! Fortunately I have a unique setup with strong passwords on top of it so I was "covered" but you never know.



#4
Netduma Crossy

Netduma Crossy

    Developer

  • Administrators
  • 6,453 posts
  • Local time: 10:28 PM
  • LocationUnited Kingdom

Hi Shane,

 

Thanks's fo the feedback. CLI access and running custom scripts isn't something we're going to support. It would be a tech support nightmare!

 

We are considering adding country blocking in the future which may be something you are interested in.

 

The software (unless UPnP is being used) won't open any ports unless they are specified by the user (through the Settings page on the interface). The router's inbuilt firewall blocks any remaining incoming packets by default.



#5
BIG__DOG

BIG__DOG

    Forum Legend

  • Moderators
  • 1,430 posts
  • Local time: 10:28 PM
  • LocationNear Manchester

you could run the netduma behind the edgerouter or edgerouter lite and run your script that way. Ubiquiti have just released this week v1.10  of edgemax incase you was unaware with some major upgrades to the firmware.

As Netduma have stated it is not something that the average consumer or gamer would want, use or know what to do as that is some heavy network tinkering.

 

https://community.ub...-0/ba-p/2233263

 

 

 

 

 

B.D






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users