NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

Qballgreg's avatar
Qballgreg
Aspirant
Apr 03, 2019

Message on printer...is this some sort of hack?

This message was on my printer this morning...anyone know what this means?   I have a Nighthawk R7000P with Armor activated.   # GET / HTTP/1.1 Host: Internet address Accept: */* User-A...
schumaku's avatar
schumaku
Guru - Experienced User
Aug 18, 2019
TIRESIAS wrote:

I have two printers attached to the router and since the "trial version" of the NETGEAR's ARMOR was installed, about 40 pages of copier paper have been trashed! Each "cycle" uses five pages. The first page is a six lines message that starts with the GET / HTTP/1.1 line. By the fifth page, it is a one liner of a few ASCII characters?! "Nice" feature NETGEAR!

Typical behavior when doing fingerprinting and security tests on open ports trying for a Web server. Depending on the vulnerability checks run, e.g. some CGI and/or overflow tests, some "specific" code is sent to these ports, what can lead to random output - or worst case it can make the printer port hang or lock up.

 

That's the "fun" when dealing with automated and scheduled vulnerability testing. Netgear resp. Bitdefender has to find way to exclude some devices (by IP, by MAC) from the regular "attacks". Christian_R  please push this forward to the Armor and Bitdefender teams.

Lionkill's avatar
Lionkill
Aspirant
Jan 11, 2020
It's happening to me too. Definitely the Netgear armor on my orbi network.
  • DexterJB's avatar
    DexterJB
    NETGEAR Moderator
    Jan 14, 2020

    Hi Lionkill, this has been reported to engineering and is currently being worked on. We will provide an update once available.

     

    Dexter

  • swarick's avatar
    swarick
    Aspirant
    Jan 15, 2020

    so in the meantime I have disabled Armor.