Reproducible way to crash Netgear MR314 wireless router

Connect to UDP port 53 on either the WAN or LAN IP addresses of the MR314.
Type a few nonsense characters, and hit return a few times.

The router crashes, and then resets. I used the utility netcat to connect
to UDP port 53 ....

There is no reason why the MR314 should be listening on UDP port 53 on the
WAN interface. And I cannot find anyway to shut that port off.

FYI, the MR314 I tested has the most recent firmware:
V3.30(CF.0) | 4/25/2003

So, I don't know if this happens with older firmware versions.

Cheers,
Bev

[[ followup to an "old" but newly relevant to me post ;-) ]]

(E-Mail Removed) (Beverly A. Kupf) writes:
>
> Connect to UDP port 53 on either the WAN or LAN IP addresses of the MR314.
> Type a few nonsense characters, and hit return a few times.
>
> The router crashes, and then resets. I used the utility netcat to connect
> to UDP port 53 ....
>
> There is no reason why the MR314 should be listening on UDP port 53 on the
> WAN interface. And I cannot find anyway to shut that port off.

Although this isn't an excuse for crashing when fed junk, the router
must indeed listen on UDP port 53 on the WAN interface -- that's the way
UDP works -- it must listen on whatever port it uses as the source port
for outgoing DNS requests in order to accept the replies, and presumably
it uses port#53 as the source port.

Since the MR314 is not really a router but rather a NAT-based firewall,
there's no way to not have it act as a DNS proxy, at least so long as
any inside host needs/wants to use the public DNS.

> FYI, the MR314 I tested has the most recent firmware:
> V3.30(CF.0) | 4/25/2003

My "new" MR314, which I'm trying to use only as a bridge and access
point, is crashing every 10-30 minutes, even with no traffic. Sigh.

I've been trying to upload the 3.30 firmware to it for over an hour now
and every time I get nearly there it crashes again. There's a lot of
normal DNS traffic flying around on my LAN so maybe it's seeing
something it doesn't like, though no packets other than my FTP session
attempts are ether-addressed directly to the little bugger.

--
Greg A. Woods

+1 416 218-0098 VE3TCP RoboHack <(E-Mail Removed)>
Planix, Inc. <(E-Mail Removed)> Secrets of the Weird <(E-Mail Removed)>

On 29 Dec 2003 19:50:55 -0500,
Greg A. Woods ((E-Mail Removed)) wrote:
> [[ followup to an "old" but newly relevant to me post ;-) ]]
>
> (E-Mail Removed) (Beverly A. Kupf) writes:
>>
>> Connect to UDP port 53 on either the WAN or LAN IP addresses of the MR314.
>> Type a few nonsense characters, and hit return a few times.
>>
>> The router crashes, and then resets. I used the utility netcat to connect
>> to UDP port 53 ....
>>
>> There is no reason why the MR314 should be listening on UDP port 53 on the
>> WAN interface. And I cannot find anyway to shut that port off.
>
> Although this isn't an excuse for crashing when fed junk, the router
> must indeed listen on UDP port 53 on the WAN interface -- that's the way
> UDP works -- it must listen on whatever port it uses as the source port
> for outgoing DNS requests in order to accept the replies

I fully realize that. I am in the process of replacing my MR314 with
another router, so I did a little experiment where I connected the WAN
port of my MR314 to my Linux PC and listened with tcpdump. Outgoing
DNS queries are from high UDP ports (sequentially selected as far as
I can tell starting at 3296).

So, there is no reason for the MR314 to be listening to UDP 53 on the
WAN side .....

> I've been trying to upload the 3.30 firmware to it for over an hour now
> and every time I get nearly there it crashes again. There's a lot of
> normal DNS traffic flying around on my LAN so maybe it's seeing
> something it doesn't like, though no packets other than my FTP session
> attempts are ether-addressed directly to the little bugger.

Beverly
--
Bev A. Kupf
"The lyfe so short, the craft so long to lerne" -- Chaucer
Tintin turns 75 <http://www.tintin.com>