gb777
Jun 29, 2020 Apprentice
lack of DHCP-linked DNS view
Hi, my old router (Linksys E4200) provided a DHCP-linked DNS view. When I added a local computer to my network, it responded to DNS queries for its name with its address. The AX4200/RBR750 I jus...
FURRYe38
Jun 29, 2020 Guru
It can certainly be requested here:
https://community.netgear.com/t5/Idea-Exchange-For-Home/idb-p/idea-exchange-for-home
schumaku
Jun 29, 2020 Guru
When you search the Idea Exchange for Home for DHCP and DNS you find eleven entries, representing about seven or eight valid feature requests for features people expect on their routers in weeks, and not probably in seven years when Netgear CBU has grown up from their first (ZyXEL) OEM router from 1899 or so. Named OEM has changed since. Netgear hasn't.
For your reference - here is the request for Orbi: https://community.netgear.com/t5/Idea-Exchange-For-Home/orbi-add-dns-server/idi-p/1474376 ...oh there are even hacks shown on how to make it happen on an experimental base.
Has anything requested from that list been implemented in the last ten years?
- gb777 Jun 29, 2020 Apprentice
Thanks for the link. I kind of thought it's a known issue, but I was confused which forum to search. Do all Netgear devices use a more or less shared code base?
In any event, the hack proposed there probably isn't going to work on the RBR750 in my possession. /tmp/dhcpd_hostlist doesn't exist. Also, FWIW, it's not clear from a quick scan of the dnsmasq man page how often it polls any files listing additional hosts, or whether they are read only on startup. (This may not be a big issue since presumably the set of hosts isn't changing frequently.) Plus, they pass -n to prevent dnsmasq from polling even the resolv.conf file for changes.
All in all, my first impression from looking at their OS is that it seems cobbled together.
I'm not surprised by government warnings like these,
See also.
Kind of makes me regret shelling out $400 based on good reviews of the AX6 series together with the fact that Netgear at least doesn't require an App to set up (this was my 2nd must have).
- schumaku Jun 29, 2020 Guru
All consumer vendors are carrying forward standard code, daemons, ... Here it has hit a simple httpd carried forward for a long time, in the meantime the problem was fixed for few models - then the old code returned. It's careless code management ... Here are often derivatives of some low footprint code, wrapped over awful and even more crappy chip vendor dev kits (often prohibiting using reasonable Linux code), so often it happens for devices using kind of similar chipsets that the base code is carried forward ... that's how the XR300 (that's the "newest" router model that hits my eyes on that vulnerability) came into the lists.
Your Orbi AX system isn't affected, there is a newer Web server code in place.
I have spent reasonable time on making Netgear change some code line for a late 802.11ac router (as that one runs on a generic computing platform) - if and how this time and resources was worth and carried forwards or not to similar and newer router model lines.
- gb777 Jun 30, 2020 Apprentice
schumaku wrote:
> All consumer vendors are carrying forward standard code, daemons, ... Here it has hit a simple httpd carried forward for a long time, in the meantime the problem was fixed for few models - then the old code returned. It's careless code management ... Here are often derivatives of some low footprint code, wrapped over awful and even more crappy chip vendor dev kits (often prohibiting using reasonable Linux code), so often it happens for devices using kind of similar chipsets that the base code is carried forward ... that's how the XR300 (that's the "newest" router model that hits my eyes on that vulnerability) came into the lists.
> Your Orbi AX system isn't affected, there is a newer Web server code in place.
> I have spent reasonable time on making Netgear change some code line for a late 802.11ac router (as that one runs on a generic computing platform) - if and how this time and resources was worth and carried forwards or not to similar and newer router model lines.

Interesting. I took a closer look at what they're running.
A number of daemons appear to be related to BitDefender, a service I do not use or know of.
Then, there is a directory /tmp/aws_json_dir that contains a number of files with the result of a Fing scan of my network.
So Netgear doesn't implement a DHCP-linked DNS view, but they do send the DHCP fingerprint of all devices located on my local network to a server in the AWS cloud (there's a program called 'aws_json' that appears to do that.) Ironically, this includes whether the DHCP client used option 12.
Interesting priorities. I haven't even checked what privacy policies I must have agreed to when buying this device that allows them to scan and fingerprint my network (including MAC addresses, OS versions, Hardware guesses, etc.) and collect this information.
FWIW, Fing doesn't appear to be high quality software, fortunately. It scanned my Linux machines as running Windows.