Killhippie

DumaOS Insiders
  • Content Count

    1,283
  • Joined

  • Days Won

    26

Reputation Activity

  1. Like
    Killhippie got a reaction from raf1212 in XR300 Vulnerable to attack and hijack using a telnet backdoor   
    This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Netgear routers. Authentication is not required to exploit this vulnerability. At this time there is no patch for the XR300. So far 79 models are vulnerable. Turn off remote management if you have it on. Probably best to avoid the DMZ at this time too. Exploit code, developed by infosec outfit Grimm, is available on GitHub for all the models said to be vulnerable: it opens a telnet daemon on port 8888, if successful.

    There are technical details here. The bugs lie in the web-based control panel of the Linux-powered equipment. It can be hijacked by sending it specially crafted data, bypassing the password protection, via the local network, or the internet if it is exposed to the world, or by tricking a victim into opening a webpage that automatically connects to the device on the LAN. Once exploited, the device can be commanded to open a backdoor, change its DNS and DHCP settings to redirect users to phishing websites, and so on. Many of these routers are EOL (end of life) and some date back all the way to 2007, but some like the R6700v3 have been patched already, but not its brother XR300! Keep an eye out for a hotfix.

    https://www.theregister.com/2020/06/19/netgear_bug_disclosure/

    https://kb.netgear.com/000061982/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Mobile-Routers-Modems-Gateways-and-Extenders
  2. Like
    Killhippie got a reaction from santa78 in XR300 Vulnerable to attack and hijack using a telnet backdoor   
    They are not on the list of vulnerable devices, only the XR300 is. Keep an eye on the Netgear official list to make sure. I would have thought if they were vulnerable, after two days now they would have been up on Netgear's official list, but it's better to be safe than sorry and check; for now you are safe.
    https://kb.netgear.com/000061982/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Mobile-Routers-Modems-Gateways-and-Extenders
  3. Like
    Killhippie got a reaction from N3CR0 in XR300 Vulnerable to attack and hijack using a telnet backdoor   
  4. Like
    Killhippie got a reaction from Zippy in XR300 Vulnerable to attack and hijack using a telnet backdoor   
  5. Like
    Killhippie got a reaction from santa78 in XR300 Vulnerable to attack and hijack using a telnet backdoor   
  6. Like
    Killhippie got a reaction from Bert in XR300 Vulnerable to attack and hijack using a telnet backdoor   
  7. Like
    Killhippie got a reaction from Newfie in DumaOS 3.0 Beta   
    Fixed after too much neck pain.
  8. Like
    Killhippie reacted to chriskrojs in Blocked from netduma forums while on xr500   
    Interesting. Can honestly say I don’t do dodgy things. Wouldn’t even know how haha. I’ll give that a go thanks. I’m in Australia also. Cheers.
  9. Like
    Killhippie reacted to Zennon in Fttp   
    Being close to the cabinet does not make your ping lower; it will, however, give you a lot of SNRM headroom.
    Being close to your ISP and your ISP having good routing will give you the lowest ping.
  10. Haha
    Killhippie reacted to Sherman85 in ANNOUNCEMENT: DUMAOS 3.0 IS HERE   
    Checking email for 15 days.

  11. Like
    Killhippie reacted to Netduma Alex in Xr700   
    It could be that your old cable was faulty, or perhaps you were using something lower than cat6 or 5e.
    Either way I'm happy that you've got crispy crispy games, but it's worth bearing in mind that the XR500 and XR700 can't handle more than 1gig on a port, and even if they could, games use so little bandwidth that it would be unlikely to affect the crispiness.
  12. Like
    Killhippie reacted to xfalax in Xr700   
    Placebo effect...no difference between Cat 6 to Cat8 (at 1Gbps speeds) and less in ping values.
  13. Like
    Killhippie got a reaction from Newfie in ANNOUNCEMENT: DUMAOS 3.0 IS HERE   
    It's Netduma that have not updated the XR500 with DumaOS patches, not Netgear. Netduma hold the licence for their product, Netgear can't magically patch it for them. The reason you have not seen a Duma update since December 2018 when Milestone 1.3 came out is because they didn't patch their product, which is still beyond my comprehension. I have never seen a company create an OS then not offer patches for the problems that plagued Milestone 1.3. Also they decided in the middle of doing milestones to change direction and re-write the OS and along came DumaOS 3.0, so why are you blaming Netgear? It's Netduma's code that needed patching, Netgear sat waiting for code to do something with, I imagine. After all, the hardware in the XR500 is only an R7800 with a bit more Flash NAND, the hardware is 5 years old (SoC IPQ 8065) even though the PCBs are new, so it should all be pretty stable by now as far as drivers etc.
  14. Like
    Killhippie got a reaction from Newfie in Help with Vodaphone Fibre Broadband   
    Using DMZ means that it will have all its router ports open and respond to internet queries and pings though, that must weaken security surely, because the router you are using as a modem is now open to attack and this is the primary connection to your ISP. I see your point about the firewall but it's still, in my view, reduced the level of security of your network. A straight modem or fully bridged router is always going to be safer.
  15. Like
    Killhippie got a reaction from Newfie in Help with Vodaphone Fibre Broadband   
    Or get a modem, it's so much simpler and more secure. With DMZ you identify your network areas. Internal: critical systems; DMZ: systems you can afford to be "exposed", systems you want to host services to the outside world, e.g. your SSH hosts; External: the rest of the world. You set up these separate areas on your network. Your firewalls/routers are then configured to allow direct connections from the outside world only to the DMZ. Correspondingly, your internal systems should be able to connect only to the DMZ and access the outside world via HTTPS, application proxies, mail relays etc. there. Your firewall rules should reflect these decisions by blocking the corresponding traffic directions/IPs/ports: e.g. inward allow only ports for services operating in the DMZ etc. Ideally you should configure any services exchanging information between network areas (internal, DMZ, external) to be initiated from the most secure network segment to the less secure areas, e.g. if you need to transfer files to "inside" hosts have the inside systems initiate the transfer (have the client role, rather than the server role).
    Basically with your network, a zone (demilitarized zone) may be a physical or logical sub-network that separates an inside native space network (LAN) from different untrusted networks, sometimes the net. External-facing servers, resources and services are placed within the zone so that they are accessible from the net; however, the remainder of the interior computer network remains unreached. This provides an extra layer of security to the computer network because it restricts the power of hackers to directly access internal servers and information via the net.
  16. Like
    Killhippie reacted to iMoD1998 in Help with Vodaphone Fibre Broadband   
    @Crlsn so is your Vodafone router in modem mode? Because if not, you may face double NAT issues, which is one of the reasons why you should use a modem, as you would essentially be double routing. Pretty sure you would lose some speed as well but don't quote me.

    https://kb.netgear.com/30186/What-is-Double-NAT

    One of the ways of getting around double NAT is by setting the DMZ IP address on your Vodafone router to the address of your XR500, as it forwards every port to your XR500 which then manages itself, but in my opinion the modem is the more elegant solution as it's just plug and play.
  17. Like
    Killhippie got a reaction from Crlsn in How do I set internet up on my XR500 WITHOUT modem?   
    Yes you can, as seen here https://support.aa.net.uk/Router_-_EchoLife_HG612 (info courtesy of Newfie because he is moaning on FaceTime I got in first)
  18. Like
    Killhippie got a reaction from Newfie in How do I set internet up on my XR500 WITHOUT modem?   
  19. Haha
    Killhippie reacted to Newfie in How do I set internet up on my XR500 WITHOUT modem?   
    Bloody cheek! 
  20. Like
    Killhippie got a reaction from Crlsn in How do I set internet up on my XR500 WITHOUT modem?   
    Unlocked HG612 would give you stats and have latest firmware, here is a link. Good luck buy now units cost more cash. https://www.ebay.co.uk/c/1452457135
  21. Like
    Killhippie reacted to iMoD1998 in How do I set internet up on my XR500 WITHOUT modem?   
    HG612 3B or ECI-B. Best if you can match the same brand to your cabinet but either will work and can be found all over ebay from £20-£30.
  22. Like
    Killhippie got a reaction from iMoD1998 in How do I set internet up on my XR500 WITHOUT modem?   
    Exactly what iMoD1998 said. You need a modem. If you can't get past the modem stage or understand why you need one, maybe this isn't the best router for you. Please note I mean no offence, it's just you may struggle with the XR500's settings. Just to help clarify, you have modem routers which are routers with a built-in modem, like your Vodafone unit. Then you have routers like the XR500 and they need a separate modem because they don't have one built in.
  23. Like
    Killhippie got a reaction from Newfie in How do I set internet up on my XR500 WITHOUT modem?   
  24. Like
    Killhippie reacted to iMoD1998 in How do I set internet up on my XR500 WITHOUT modem?   
    Simply put, you need a modem.
  25. Like
    Killhippie reacted to Netduma Alex in Help with Vodaphone Fibre Broadband   
    So you connect to your Vodafone router from the hole in the wall? That means the router has an internal modem.
    You have two options at this point:
      • Obtain a standalone modem for your connection type. I personally use a Draytek Vigor. It didn't take any configuration on the modem itself, I just had to enter my PPPoE details on my Netduma router. However, I have BT Infinity, so perhaps your results would vary?
      • Set up your DumaOS router underneath your existing router. In order for this to work, you'll want to disable WiFi on the Vodafone router, and make sure that the only connected LAN device is the DumaOS router. Connect a LAN port on the Vodafone to the WAN port on the XR500. Once you have internet on the XR500, connect all of your devices to it. You may need to configure DMZ on the Vodafone router after this to get rid of Double NAT errors. I can help you to do that.
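
For the XR300 post (a telnet daemon appearing on port 8888, remote management left on) and the DMZ posts above, a check an owner can run against their own router. This is an added example, not code from the forum, Netgear or Grimm; only port 8888 comes from the posts, while the other ports and the `192.168.1.1` default are assumptions.

```python
import socket
import sys

IAC = b"\xff"  # telnet "Interpret As Command" byte; a telnet daemon opens with it

# 8888 comes from the post (where the public exploit starts its telnet daemon).
# The other ports are assumptions added here: usual telnet and web-admin /
# remote-management defaults. Adjust them to your own router's settings.
WATCHED_PORTS = {
    23: "standard telnet",
    80: "web control panel (HTTP)",
    443: "web control panel (HTTPS)",
    8443: "remote management (assumed default)",
    8888: "telnet daemon port named in the post",
}


def probe(host, port, timeout=2.0):
    """Classify one TCP port as 'closed', 'open' or 'telnet'."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as conn:
            try:
                banner = conn.recv(64)  # telnetd speaks first; HTTP stays silent
            except OSError:             # timeout or reset while waiting
                banner = b""
    except OSError:                     # refused, filtered or unreachable
        return "closed"
    return "telnet" if banner.startswith(IAC) else "open"


def audit(host, ports=None, timeout=2.0):
    """Return (port, state, severity, reason) for every reachable port."""
    findings = []
    for port, reason in sorted((ports or WATCHED_PORTS).items()):
        state = probe(host, port, timeout)
        if state == "closed":
            continue
        # A telnet service, or anything on 8888, matches the backdoor the post
        # describes; other reachable admin ports are exposure to review.
        severity = "critical" if state == "telnet" or port == 8888 else "review"
        findings.append((port, state, severity, reason))
    return findings


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "192.168.1.1"  # assumed LAN IP
    for port, state, severity, reason in audit(target):
        print(f"{target}:{port} {state:6} [{severity}] {reason}")
```

Run it from the LAN against the router's gateway address, then from an outside connection against your WAN address: a web panel reachable on the LAN is expected, while anything reachable from outside means remote management or a DMZ setting is exposing the router.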