Jump to content

Welcome to Netduma Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. If you already have an account, login here - otherwise create an account for free today!
Photo

HTTPS Authentication for Adminstration of Netduma R1 necessary


  • Please log in to reply
1 reply to this topic

#1
insecure

insecure

    Junior Member

  • Members
  • PipPip
  • 2 posts
  • Local time: 04:23 PM

Netduma R1 should not allow insecure protocols, such as, but not limited to HTTP (TCP Port 80) or Telnet (TCP Port 23).  These protocols are insecure for passing user name and passwords.

 

Recommendation:

Add HTTPS support to the Web daemon being used on the Netduma R1 appliance.

Remove HTTP support, or give the option to override the default HTTPS option (with a warning banner)

Enable HTTPS support by default.

 

I would be happy to assist, or provide explicit documentation on this risk if necessary.  

 

Thank you for creating this great product, now let's make it secure!



#2
Netduma Fraser

Netduma Fraser

    Tech & Customer Support

  • Administrators
  • 18,307 posts
  • Local time: 10:23 PM

DumaOS will be available soon so this isn't needed but thanks for the feedback and offer!


Twitter/Facebook/YouTube/Twitch/Instagram/Steam Group/Discord

 

Official R1 Support Times: 10am - 6pm BST

World Clock

Official DumaOS/XR500 Support Times: 12pm - 2am BST



If you're having Settings or Hardware issues with the XR500 please go here and login to get the number for Netgear's 24/7 support line: http://support.netgear.com/





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users