Netgear DG834G V2 - security issue

Discussion in 'Broadband' started by drjon, Feb 25, 2006.

  1. drjon

    drjon Guest

    For those thinking of purchasing the Netgear DG834G V2. Note that there
    is a security issue. Before I go into this I should say apart from this
    it has been rock solid. I have had a Netgear router for a couple of
    years now and have been and am very happy with it.

    Well happy except for when it died. I had a V1 which was rock solid, on
    23/7, until it stopped connecting to the (asdl) internet. But and an
    important but, Netgear were very good on replacing it. I was sent a V2
    but this also did not connect to the internet! They then sent me
    another V2 which has been rock solid.

    Security issue (btw I have XP SP2) :

    Login as Admin and

    1. Go to : Maintenance, Attached devices - this does not show all
    attached devices connecting to the router. At the moment I have 1 PC
    connected via lan cable and 3 via wlan. Only 1 of the wlan PCs can be
    seen as being attached and that is intermittent ie just did a refresh
    and it has gone.

    2. Go to : LAN IP Setup : Address Reservation - if you reserve an IP
    address for a given PC ie it's MAC you will find that it does not work
    ie I have a PC connecting to the router via WLAN but it did not get
    the IP address reserved for it (it's MAC - checked and it's the
    correct MAC). And worse still a second PC subsequently connecting via
    WLAN obtained that reserved address! Again security issue.

    Are Netgear aware? Yes I have been waiting for a fix now since, wait
    for it : 11/2/2005 7:55:00 PM. I have tried all their suggestions.
    They even closed the case once without resolving the issue (Netgear,
    "please note that Online Technical Submissions are closed automatically
    after sometime.") But they have reopened it - Monday, November 14,
    2005.


    I assume at some point there will be a fix.
     
    drjon, Feb 25, 2006
    #1
    1. Advertisements

  2. : For those thinking of purchasing the Netgear DG834G V2. Note that there
    : is a security issue. Before I go into this I should say apart from this
    : it has been rock solid. I have had a Netgear router for a couple of
    : years now and have been and am very happy with it.

    I'm sorry but I don't think your problem should be classified as a security
    issue!

    Also is does not happen to me...perhaps it is WLAN only. A PC connected
    via a RJ45 cable has a reserved address which is has *NEVER* missed getting
    correctly.
     
    Brian McIlwrath, Feb 25, 2006
    #2
    1. Advertisements

  3. drjon

    Dennis Guest

    Can you cut out the technical descriptions and just say what the security
    problem is?
    Just a line or two describing the actual security issue will do. The main
    problem with wireless setups is others connecting to them due to lack of
    knowledge by the owner.
     
    Dennis, Feb 25, 2006
    #3
  4. The only "risk" I see is that any special firewall or port forwarding
    privileges granted to one particular LAN IP address may be made available
    to the wrong client hardware which acquires that reserved address.

    Tony
     
    Anthony R. Gold, Feb 26, 2006
    #4
  5. drjon

    drjon Guest

    Both of the following to me are security issues:

    1) I wanted to restrict access to the router using MAC addresses. This
    feature is offered by the router but does not work.

    2) Another feature offered is to be able to monitor devices attached to
    to the router. This does not work.

    So I cannot restrict access to the router using MAC address - one of
    the top security tips for home Wi-Fi networks - and in addition I
    cannot see who is connected to my router. Both security issues to me.

    Sorry if I didn't make it clear but - for me - this has only been a
    WLAN problem.
     
    drjon, Feb 27, 2006
    #5
  6. That claim greatly surprises me and nothing in your first post indicates
    that to be true.
    How does that amount to a security issue?
    Tony
     
    Anthony R. Gold, Feb 27, 2006
    #6
  7. drjon

    Sunil Sood Guest

    You do know that v1 and v2 of the DG834G use the same firmware? (i.e. if
    there is a problem in v2, it will be the same as in v1)

    btw what version firmware are you running? There are several different
    versions available..

    Regards
    Sunil
     
    Sunil Sood, Feb 27, 2006
    #7
  8. drjon explained :
    I have one with the latest firmware installed. This feature works here
    in as much as if the MAC address is not included in the list, then the
    PC will not be able to connect via WiFi.
    Obviously I can't watch the list of connected devices 24/7, but on
    those occaisions when I have checked, all connected devices have been
    correctly listed.

    I have no use for the section which allows you to schedule when devices
    are allowed to connect, but I tested that briefly a few months ago and
    it worked correctly at that time.
     
    Harry Bloomfield, Feb 28, 2006
    #8
  9. drjon

    Sam Nelson Guest

    Same here.
    Same here.
    Never noticed that---not that it would be of any use to me.
     
    Sam Nelson, Feb 28, 2006
    #9
  10. drjon

    Peter X Guest

    It doesn't *always* show all connected computers.
    This post might help explain why:
    http://forum1.netgear.com/support/viewtopic.php?t=15148&highlight=

    But it's certainly not a security issue!
     
    Peter X, Feb 28, 2006
    #10
  11. drjon

    drjon Guest

    How is someone accessing my router via wlan - using an IP address
    reserved for one of my PCs (MAC) - and with me not even be able to see
    that they were connected not a security issue?
     
    drjon, Mar 6, 2006
    #11
  12. How is someone abducting you into their spaceship and reading your mind
    not one too? Those Netgear people have a lot to answer for :)

    But seriously, how will someone access your WLAN? Are you using WPA (or
    at least WEP)? If intruding into your WLAN is not VERY difficult, then
    you do have a security issue to whinge about, but has that ever happened?

    Tony
     
    Anthony R. Gold, Mar 6, 2006
    #12
  13. drjon

    drjon Guest

    I'm very happy with the router and not whinging so much as bemused.

    I find it odd that no one else has seen this problem when I have seen
    it with two version 2 machines and odd that I have worked with Netgear
    to try and solve this - updating to the latest firmware, (now
    3.01.29) try not using encyption, firewalls etc etc - and still have an
    open ticket for over a year (bear in miind they close tickets asap).

    I have WEP encryption on and limit the number of IPs so I am not overly
    concerned that my router will be used by anon.

    Being an honest chap I feel duty bound to mention that I recently tried
    to use one PC to obtain an IP address reserved for a second PC (mac)
    and it would not obtain the IP address ie this time I could not
    reproduce the problem mentioned above.

    But I should also mention that some time ago I added an extra IP
    address to the router so that a friend could access the router with his
    laptop (wlan) and he obtained the ip address reserved for my laptop
    (mac) and I was allocated the spare IP address. Fortunately he was
    there to confrim this and that I was not losing my marbles.

    The second problem is reproducible ie I can be the only PC connected to
    the router (wlan) and 'attached devices' shows no PCs connected.
     
    drjon, Mar 9, 2006
    #13
  14. drjon

    drjon Guest

    drjon wrote:
    Just updated Firmware to Version V3.01.29 - does not fix this.
     
    drjon, Mar 11, 2006
    #14
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.