Jump to content

Killhippie

DumaOS Insiders
  • Content Count

    1,412
  • Joined

  • Days Won

    26

Reputation Activity

  1. Like
    Killhippie got a reaction from el1t3st in 2.4 ghz WIFI not visible   
    Probably not helping you have two lots of 2Ghz running at the same time, one on the XR and one on the Trendnet. Have they both got the same SSID and password?
  2. Like
    Killhippie reacted to Netduma Fraser in R1 router stopped working   
    Ssshh don't reveal our technology, it's not too dissimilar from a Tardis if you catch my drift¬†ūüėČ
    You would be surprised, I have in the past seen that the router is not accessible/broken and having been unplugged for a long period of time (even longer than 24 hours sometimes months) a user will just try to use it and it will suddenly be working after previously leaving it unplugged for a little while and going back.
  3. Like
    Killhippie got a reaction from A1_Boston in ping-lag-shoot 1st die 1st   
    Why? Routers like the XR500 hold their value you could get a nice chunk back and get an Asus. They game really well, a few users on this forum use them. (no disrespect to Netduma) people use what suits them best. Wait for 3.0 and if its still not doing what you want, then move on.
  4. Like
    Killhippie got a reaction from GT9484 in NEW FEATURE ANNOUNCEMENT: CONNECTION BENCHMARK   
    The chosen one has risen! Bad number door to choose.
  5. Haha
    Killhippie got a reaction from Newfie in NEW FEATURE ANNOUNCEMENT: CONNECTION BENCHMARK   
    Quite please, beta testing behind is being done behind this closed door.

     
     
  6. Like
    Killhippie reacted to Netduma Fraser in NEW FEATURE ANNOUNCEMENT: CONNECTION BENCHMARK   
    I understand you're frustrated now but performing internal tests and then a beta are very different. Different user setups, ISPs, connection methods etc. We have to be cautious, if we did an immediate open beta and it bricked everyone's routers then that would be a lose lose situation and you would be way more annoyed then. More batches will be rolled out as and when, keep an eye on your emails.
  7. Like
    Killhippie reacted to Fuzy in NEW FEATURE ANNOUNCEMENT: CONNECTION BENCHMARK   
    I do not understand your relentlessness in wanting to test a beta with its lot of bugs? ... And which every time will disappoint you in part!
    Let there be time, you will undoubtedly be happy to be able to enjoy a stable version as soon as possible.
    The team has taken note of our grievances for over a year, I dare imagine that they will offer us a FW of god fire since time ....
  8. Like
    Killhippie reacted to Bishop in ANNOUNCEMENT: DUMAOS 3.0 IS HERE   
    What are you talking about many software companies offer enhancements for free for years.... IOS, Google, Windows 10 was free. Does new hardware come out sure, but i don't buy a new phone every update or a new pc every feature release
  9. Like
    Killhippie got a reaction from Zippy in XR300 Vulnerable to attack and hijack using a telnet backdoor   
    The issue is Zippy if you Google Asus, Zyxel, D-link, etc (who just abandoned a line of routers with critical firmware holes) they all have current issues. I'm thinking about getting a rack put in and some enterprise gear (second hand) and hardening my network, SOHO routers are just not great from any provider. The most basic of home routers probably all leak like sieves.
  10. Like
    Killhippie got a reaction from N3CR0 in ping-lag-shoot 1st die 1st   
    Got a fair price for mine too
  11. Like
    Killhippie got a reaction from raf1212 in XR300 Vulnerable to attack and hijack using a telnet backdoor   
    This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Netgear routers. Authentication is not required to exploit this vulnerability. At this time there is no patch for the XR300. So far 79 models are vulnerable. Turn off remote management if you have it on. Probably best to avoid the DMZ at this time too. Exploit code, developed by infosec outfit Grimm, is available on GitHub for all the models said to be vulnerable: it opens telnet daemon on port 8888, if successful.

     There's technical details here. The bugs lie in the web-based control panel of the Linux-powered equipment. It can be hijacked by sending it specially crafted data, bypassing the password protection, via the local network, or the internet if it is exposed to the world, or by tricking a victim into opening a webpage that automatically connects to the device on the LAN. Once exploited, the device can be commanded to open a backdoor, change its DNS and DHCP settings to redirect users to phishing websites, and so on. Many of these routers are EOL (end of life) and some date back all the way to 2007, but some like the R6700v3 have been patched already, but not its brother XR300! Keep an eye out for a hotfix.

    https://www.theregister.com/2020/06/19/netgear_bug_disclosure/

    https://kb.netgear.com/000061982/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Mobile-Routers-Modems-Gateways-and-Extenders
  12. Like
    Killhippie reacted to N3CR0 in ping-lag-shoot 1st die 1st   
    Sold mine after about 18 months, got most of my money back.
  13. Like
    Killhippie got a reaction from N3CR0 in ping-lag-shoot 1st die 1st   
    Why? Routers like the XR500 hold their value you could get a nice chunk back and get an Asus. They game really well, a few users on this forum use them. (no disrespect to Netduma) people use what suits them best. Wait for 3.0 and if its still not doing what you want, then move on.
  14. Like
    Killhippie reacted to N3CR0 in ping-lag-shoot 1st die 1st   
    A fair few of us did tbh.
  15. Like
    Killhippie got a reaction from N3CR0 in ping-lag-shoot 1st die 1st   
    Don't feel like this, just sell it if its not doing what you need. Netduma are a great company but not all hardware is a good fit for your needs.

  16. Like
    Killhippie got a reaction from N3CR0 in XR300 Vulnerable to attack and hijack using a telnet backdoor   
    This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Netgear routers. Authentication is not required to exploit this vulnerability. At this time there is no patch for the XR300. So far 79 models are vulnerable. Turn off remote management if you have it on. Probably best to avoid the DMZ at this time too. Exploit code, developed by infosec outfit Grimm, is available on GitHub for all the models said to be vulnerable: it opens telnet daemon on port 8888, if successful.

     There's technical details here. The bugs lie in the web-based control panel of the Linux-powered equipment. It can be hijacked by sending it specially crafted data, bypassing the password protection, via the local network, or the internet if it is exposed to the world, or by tricking a victim into opening a webpage that automatically connects to the device on the LAN. Once exploited, the device can be commanded to open a backdoor, change its DNS and DHCP settings to redirect users to phishing websites, and so on. Many of these routers are EOL (end of life) and some date back all the way to 2007, but some like the R6700v3 have been patched already, but not its brother XR300! Keep an eye out for a hotfix.

    https://www.theregister.com/2020/06/19/netgear_bug_disclosure/

    https://kb.netgear.com/000061982/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Mobile-Routers-Modems-Gateways-and-Extenders
  17. Thanks
    Killhippie reacted to Zippy in XR300 Vulnerable to attack and hijack using a telnet backdoor   
    I see the R6300 is on the list.. That router there was widely handed out by Spectrum here in the US. Its a freebee Spectrum gave out.. People like free so they rarely ever buy there own.. Specially if it works okay for them yet.. Spectrum being one of the largest ISP in the US makes me wonder how many are still floating around out there..
    Good post Killhippie!
    Zippy.
  18. Like
    Killhippie got a reaction from Newfie in ping-lag-shoot 1st die 1st   
    Don't feel like this, just sell it if its not doing what you need. Netduma are a great company but not all hardware is a good fit for your needs.

  19. Like
    Killhippie got a reaction from Zippy in XR300 Vulnerable to attack and hijack using a telnet backdoor   
    This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Netgear routers. Authentication is not required to exploit this vulnerability. At this time there is no patch for the XR300. So far 79 models are vulnerable. Turn off remote management if you have it on. Probably best to avoid the DMZ at this time too. Exploit code, developed by infosec outfit Grimm, is available on GitHub for all the models said to be vulnerable: it opens telnet daemon on port 8888, if successful.

     There's technical details here. The bugs lie in the web-based control panel of the Linux-powered equipment. It can be hijacked by sending it specially crafted data, bypassing the password protection, via the local network, or the internet if it is exposed to the world, or by tricking a victim into opening a webpage that automatically connects to the device on the LAN. Once exploited, the device can be commanded to open a backdoor, change its DNS and DHCP settings to redirect users to phishing websites, and so on. Many of these routers are EOL (end of life) and some date back all the way to 2007, but some like the R6700v3 have been patched already, but not its brother XR300! Keep an eye out for a hotfix.

    https://www.theregister.com/2020/06/19/netgear_bug_disclosure/

    https://kb.netgear.com/000061982/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Mobile-Routers-Modems-Gateways-and-Extenders
  20. Like
    Killhippie got a reaction from santa78 in XR300 Vulnerable to attack and hijack using a telnet backdoor   
    They are not on the list of vulnerable devices, only the XR300 is. Keep and eye on the Netgear official list to make sure. I would have thought if they were vulnerable  after two days now they would have been up on Netgears official list but but its better to be safe than sorry and check, for now you are safe.
    https://kb.netgear.com/000061982/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Mobile-Routers-Modems-Gateways-and-Extenders
  21. Like
    Killhippie got a reaction from santa78 in XR300 Vulnerable to attack and hijack using a telnet backdoor   
    This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Netgear routers. Authentication is not required to exploit this vulnerability. At this time there is no patch for the XR300. So far 79 models are vulnerable. Turn off remote management if you have it on. Probably best to avoid the DMZ at this time too. Exploit code, developed by infosec outfit Grimm, is available on GitHub for all the models said to be vulnerable: it opens telnet daemon on port 8888, if successful.

     There's technical details here. The bugs lie in the web-based control panel of the Linux-powered equipment. It can be hijacked by sending it specially crafted data, bypassing the password protection, via the local network, or the internet if it is exposed to the world, or by tricking a victim into opening a webpage that automatically connects to the device on the LAN. Once exploited, the device can be commanded to open a backdoor, change its DNS and DHCP settings to redirect users to phishing websites, and so on. Many of these routers are EOL (end of life) and some date back all the way to 2007, but some like the R6700v3 have been patched already, but not its brother XR300! Keep an eye out for a hotfix.

    https://www.theregister.com/2020/06/19/netgear_bug_disclosure/

    https://kb.netgear.com/000061982/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Mobile-Routers-Modems-Gateways-and-Extenders
  22. Like
    Killhippie got a reaction from Bert in XR300 Vulnerable to attack and hijack using a telnet backdoor   
    This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Netgear routers. Authentication is not required to exploit this vulnerability. At this time there is no patch for the XR300. So far 79 models are vulnerable. Turn off remote management if you have it on. Probably best to avoid the DMZ at this time too. Exploit code, developed by infosec outfit Grimm, is available on GitHub for all the models said to be vulnerable: it opens telnet daemon on port 8888, if successful.

     There's technical details here. The bugs lie in the web-based control panel of the Linux-powered equipment. It can be hijacked by sending it specially crafted data, bypassing the password protection, via the local network, or the internet if it is exposed to the world, or by tricking a victim into opening a webpage that automatically connects to the device on the LAN. Once exploited, the device can be commanded to open a backdoor, change its DNS and DHCP settings to redirect users to phishing websites, and so on. Many of these routers are EOL (end of life) and some date back all the way to 2007, but some like the R6700v3 have been patched already, but not its brother XR300! Keep an eye out for a hotfix.

    https://www.theregister.com/2020/06/19/netgear_bug_disclosure/

    https://kb.netgear.com/000061982/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Mobile-Routers-Modems-Gateways-and-Extenders
  23. Like
    Killhippie got a reaction from Fuzy in XR300 Vulnerable to attack and hijack using a telnet backdoor   
    This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Netgear routers. Authentication is not required to exploit this vulnerability. At this time there is no patch for the XR300. So far 79 models are vulnerable. Turn off remote management if you have it on. Probably best to avoid the DMZ at this time too. Exploit code, developed by infosec outfit Grimm, is available on GitHub for all the models said to be vulnerable: it opens telnet daemon on port 8888, if successful.

     There's technical details here. The bugs lie in the web-based control panel of the Linux-powered equipment. It can be hijacked by sending it specially crafted data, bypassing the password protection, via the local network, or the internet if it is exposed to the world, or by tricking a victim into opening a webpage that automatically connects to the device on the LAN. Once exploited, the device can be commanded to open a backdoor, change its DNS and DHCP settings to redirect users to phishing websites, and so on. Many of these routers are EOL (end of life) and some date back all the way to 2007, but some like the R6700v3 have been patched already, but not its brother XR300! Keep an eye out for a hotfix.

    https://www.theregister.com/2020/06/19/netgear_bug_disclosure/

    https://kb.netgear.com/000061982/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Mobile-Routers-Modems-Gateways-and-Extenders
  24. Like
    Killhippie got a reaction from Newfie in XR300 Vulnerable to attack and hijack using a telnet backdoor   
    This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Netgear routers. Authentication is not required to exploit this vulnerability. At this time there is no patch for the XR300. So far 79 models are vulnerable. Turn off remote management if you have it on. Probably best to avoid the DMZ at this time too. Exploit code, developed by infosec outfit Grimm, is available on GitHub for all the models said to be vulnerable: it opens telnet daemon on port 8888, if successful.

     There's technical details here. The bugs lie in the web-based control panel of the Linux-powered equipment. It can be hijacked by sending it specially crafted data, bypassing the password protection, via the local network, or the internet if it is exposed to the world, or by tricking a victim into opening a webpage that automatically connects to the device on the LAN. Once exploited, the device can be commanded to open a backdoor, change its DNS and DHCP settings to redirect users to phishing websites, and so on. Many of these routers are EOL (end of life) and some date back all the way to 2007, but some like the R6700v3 have been patched already, but not its brother XR300! Keep an eye out for a hotfix.

    https://www.theregister.com/2020/06/19/netgear_bug_disclosure/

    https://kb.netgear.com/000061982/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Mobile-Routers-Modems-Gateways-and-Extenders
  25. Like
    Killhippie got a reaction from Newfie in DumaOS 3.0 Beta   
    Fixed after to much neck pain.  

×
×
  • Create New...