Networking Forums

Netgear DG834 - Vulnerabilities

 
 
Anonymous
09-03-2006, 03:22 PM
From my own experience many Netgear DG834-series devices
leave ports OPEN and "UNSTEALTHED" by default.

I believe I've easily fixed this in my DG834.

Can any using DG834-series devices test these known ports
and post what their models , firmware-versions (if known) ,
and results are?

I'm more than happy to share my fix , if any have need of it.

Please test/scan TCP ports 1863 , 1864 , 4443 , 5190 , 5566 ,
and the range 40000 - 40099 AND the UDP port-range 40000 - 40100.

On my Netgear DG834v2 (wired-ethernet) , the above ports were
OPEN and/or "UNSTEALTHED" by the DEFAULT firewall-rules. The
administrative web-interface lied.

I'm not exactly sure how many Netgear models and/or firmware-versions
are affected , given the increasing popularity of these devices ,
such as most recently with Sky Broadband , it would seem scandalous
if many are being put at risk and have not been warned.

There are many sites that provide testing:



https://www.grc.com/x/ne.dll?bh0bkyd2


http://www.pcflank.com/


http://www.linux-sec.net/Audit/nmap.test.gwif.html



Be sure to TEMPORARILY disable your DG834's "DOS/Attack"
feature before testing , otherwise if you scan too many
ports at once your device will probably not allow all of
your requested ports to be tested properly.
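
One way to run the TCP part of this test yourself and see whether each port is open, closed ("unstealthed") or stealth, as an added example that is not part of the original post: `probe_tcp` and `audit` are hypothetical helper names, the three states follow the usual scanner convention (handshake completes, RST comes back, nothing comes back before the timeout), and the script has to be run from a machine outside the router against the WAN address of a device you administer. Ports are probed one at a time with an optional pause, since the post notes that scanning many ports at once trips the DG834's DoS protection; the UDP range is not covered.

```python
import socket
import sys
import time

# TCP ports named in the post: five single ports plus the range 40000-40099.
TCP_PORTS = [1863, 1864, 4443, 5190, 5566] + list(range(40000, 40100))


def probe_tcp(host, port, timeout=2.0):
    """Classify one TCP port by what comes back from a connection attempt."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"            # handshake completed: something is listening
    except ConnectionRefusedError:
        return "closed"          # RST came back: not listening, but visible
    except (socket.timeout, TimeoutError):
        return "stealth"         # nothing came back: the probe was dropped
    except OSError:
        return "unreachable"     # e.g. an ICMP error came back instead
    finally:
        sock.close()


def audit(host, ports=TCP_PORTS, timeout=2.0, delay=0.0):
    """Probe ports sequentially; return {port: state} for every non-stealth port."""
    findings = {}
    for port in ports:
        state = probe_tcp(host, port, timeout)
        if state != "stealth":
            findings[port] = state
        time.sleep(delay)        # pacing between probes
    return findings


if __name__ == "__main__":
    # Usage (hypothetical file name): python dg834_check.py <WAN address of your router>
    results = audit(sys.argv[1], delay=0.2)
    for port, state in sorted(results.items()):
        print(f"tcp/{port}: {state}")
    print(f"{len(results)} of {len(TCP_PORTS)} ports answered (not stealth)")
```

An empty result means every listed TCP port dropped the probe silently, which is the "all stealth" outcome.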
 
PeterD
09-03-2006, 03:32 PM
Anonymous <(E-Mail Removed)> wrote:

> Please test/scan TCP ports 1863 , 1864 , 4443 , 5190 , 5566


Nope, all stealth on my Netgear DG834v2, default rules.

--
Pd
 
Peter R Cook
09-03-2006, 06:50 PM
In message <(E-Mail Removed) ixmin.net>,
Anonymous <(E-Mail Removed)> writes
>From my own experience many Netgear DG834-series devices
>leave ports OPEN and "UNSTEALTHED" by default.
>
>I believe I've easily fixed this in my DG834.
>
>Can any using DG834-series devices test these known ports
>and post what their models , firmware-versions (if known) ,
>and results are?
>
>I'm more than happy to share my fix , if any have need of it.
>
>Please test/scan TCP ports 1863 , 1864 , 4443 , 5190 , 5566 ,
>and the range 40000 - 40099 AND the UDP port-range 40000 - 40100.
>
>On my Netgear DG834v2 (wired-ethernet) , the above ports were
>OPEN and/or "UNSTEALTHED" by the DEFAULT firewall-rules. The
>administrative web-interface lied.
>
>I'm not exactly sure how many Netgear models and/or firmware-versions
>are affected , given the increasing popularity of these devices ,
>such as most recently with Sky Broadband , it would seem scandalous
>if many are being put at risk and have not been warned.
>
>There are many sites that provide testing:
>
>
>
>https://www.grc.com/x/ne.dll?bh0bkyd2
>
>
>http://www.pcflank.com/
>
>
>http://www.linux-sec.net/Audit/nmap.test.gwif.html
>
>
>
>Be sure to TEMPORARILY disable your DG834's "DOS/Attack"
>feature before testing , otherwise if you scan too many
>ports at once your device will probably not allow all of
>your requested ports to be tested properly.

This has been an ongoing issue with various releases of the firmware.

The latest release from Netgear (DG834G V1) V3.01.25 does not exhibit
the vulnerabilities.
--
Peter R Cook
 