dread99a
Dec 21, 2021 Tutor
Security concerns GS728TPv2 with FW v6.0.10.5
Updated my GS728TPv2 with FW v6.0.10.5 and noticed some serious security issues. 1. Though SSH has now been added to the switch.... SSH is missing in Security -> Access control section. HTTP, HTT...
schumaku
Jul 11, 2022 Guru - Experienced User
No worries, probably two decades longer in this business, praying the same things you do.
And I said the behavior of the disabled service is wrong. Have just explained that enabling the service and applying ACL will lead to the same effect on NMAP (and when monitoring the effective traffic). Probably I was not clear either ... disadvantage of age and of not being an English language native - sorry for the confusion in case, this was not intended.
And yes, there is a lot of legacy Netgear - for whatever historic compatibility - should be removed from the code.
Just to add another example from my reports: While I like Netgear Insight, I still can't see any reason why the related daemons are still kept running in pure Web management mode. Just for the case somebody does attempt to add a device to the Insight cloud one day.
So you see, we share very similar views and concerns 8-)
YeZ please create some more awareness with the switch engineering on these reports!
dread99a
Jul 11, 2022 Tutor
schumaku Thank you for your understanding. I don't know what influence you have to get the SSH & Telnet ACL request to the FW Devs but I hope you can. In the meantime, our GS728TPv2 will remain shelved until this issue is resolved. We currently are no longer procuring Netgear for our evergreen switch updates.
Note: Depending on the switch, the state Table TTL, at some point, a scan would return either nothing or at minimum closed when the table entry times out and is removed via garbage collection. This ongoing "filtered" port appearance does not happen on a Cisco, HPE, a Server, etc. where, once the state entry has timed out, the device scan reports nothing at all on ports 22 & 23. So I can't agree with your filtered argument unless via the CLI there is a way to see the state of all services running on the switch (similar to what can be performed on Unix/Linux/Cisco, Windows, etc.). I didn't see this mentioned in the Netgear CLI UG for the GS728TPv2 v6.0.10.10.
- schumaku Jul 11, 2022 Guru - Experienced User
Dear, I have just limited power, mainly just yet another community member who can't have his mouth shut. From time to time I get the opportunity to test drive new models. But I'll see how much I can achieve here.
- dread99a Jul 11, 2022 Tutor
Thank you. Here's hoping the Devs/Managers listen. If they do, Netgear could increase their market share.
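Editor's added example (not code from either poster or from Netgear): a small TCP connect check that sorts the switch's SSH and Telnet ports into the three states the thread argues about, using nmap's definitions, so an admin can confirm whether a disabled service answers "closed" or only shows as "filtered". The function names, the `expected` mapping and the management address passed on the command line are assumptions made for this illustration.

```python
import errno
import socket
import sys

MGMT_PORTS = (22, 23)  # SSH and Telnet, the two ports discussed in the thread


def classify_port(host, port, timeout=3.0, connect=socket.create_connection):
    """Return 'open', 'closed' or 'filtered' for one TCP port.

    open     - handshake completed, a service is listening
    closed   - RST came back (connection refused), nothing is listening
    filtered - no reply or ICMP unreachable, something drops the probe
    """
    try:
        sock = connect((host, port), timeout)
    except (socket.timeout, TimeoutError):
        return "filtered"
    except ConnectionRefusedError:
        return "closed"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"
        raise
    sock.close()
    return "open"


def audit(host, expected, ports=MGMT_PORTS, **kwargs):
    """Compare observed port states with what the configuration should give.

    Returns {port: (observed, expected)} for mismatches only.
    """
    findings = {}
    for port in ports:
        seen = classify_port(host, port, **kwargs)
        if seen != expected[port]:
            findings[port] = (seen, expected[port])
    return findings


if __name__ == "__main__" and len(sys.argv) == 2:
    # Assumption: both services are disabled, so "closed" is the expected answer.
    want = {22: "closed", 23: "closed"}
    for port, (seen, exp) in audit(sys.argv[1], want).items():
        print(f"tcp/{port}: observed {seen}, expected {exp}")
```

Run it from a management workstation against the switch's own address after each firmware or ACL change; an empty result means both ports answered as expected.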