Straitpipe
Nov 14, 2019 Tutor
RAX120 login exposed?
I have checked the router settings for port forwarding / triggering, disabled remote management, etc. However, the router's login prompt is accessible externally using HTTP (not HTTPS though). Using http:...
Straitpipe
Nov 20, 2019 Tutor
Let's start over. I will oversimplify this. The network would look like this (using incorrect IPs so don't try and access them).
RAX120 router with Internal network IP of router is 192.168.0.1. This is the IP used for accessing the router's web GUI.
The External WAN IP of router is 71.71.40.5, which is connected to an internet provider like Spectrum, Xfinity (it doesn't matter which one).
I go to my local Starbucks and buy an $8 coffee. I boot up my laptop and connect to the Starbucks network. I go into Chrome and type in.
This brings up a login prompt for my router. How do I disable the ability to remotely access the login of my router using the above URL?
It can't be any simpler than that.
(latest firmware, no port forwarding, no port trigger, remote management disabled, using a very strong password, etc.)
Killhippie
Nov 23, 2019 Prodigy
You can't, and with a strong password it should not matter. It's like saying I only want to log into Amazon via my own network, not the coffee shop. The answer is no, but that's down to you; Amazon want people to log in from anywhere, and Netgear want people to have access to their routers from anywhere too (should have HTTPS), although even that's not as secure as you think, just have a Google. The URL is there so you can log in and check your router or update settings (never leave it to auto update, that can be a nightmare) from any source, although if you have set up email notifications that should save you having to do that.
The case here is don't log in from untrusted networks, don't store the password in your browser and only log in from your home network, now that's not difficult. It's like logging into a banking site from a wifi point in any shop, you just don't do it. You could log in using a VPN, possibly that would be better, but if you are not logging in nobody else can log in either; there are millions of Netgear routers and people tend to access them from their own home networks, or the app, which I avoid. Yes, HTTPS should be used, but also using common sense about where you log in from goes a long way. People are not trying to log into every Netgear router all the time, they look for backdoors in that show in logs, hence keep your security up to date. Netgear routers also now force you to use a more complex password during setup. Basically I understand what you're asking for, but that isn't available, and won't be. Netgear are lagging with an SSL login, but you can't turn that feature off, just as you can't turn off the ability to log into Amazon from anywhere in the world, or stop someone trying to use a brute force attack to get your Amazon password. Maybe suggest Netgear use 2FA and HTTPS. Until then use a complex password and log in from public wifi access points, only log in from your home. Also make sure your firmware is always up to date to make sure bad actors can't break in easily anyway in ways that are much more than a device's primary login.
- Killhippie Nov 23, 2019 Prodigy
* and don't log in from public wifi access points
- Killhippie Nov 23, 2019 Prodigy
Just a thought, what firmware are you using? With remote management turned off you should not be able to log in unless you enable remote management. Have you updated to the latest Hotfix and done a factory reset? With remote management turned on you can define what device/devices can access your router, maybe that would be preferable as a workaround. Also, as mentioned everywhere online, have a complicated password, they really do help.
https://kb.netgear.com/976/Enabling-your-router-s-remote-management
- Straitpipe Nov 23, 2019 Tutor
I have done a factory reset. I did try enabling remote management. Then waiting and disabling similar to a previous defect.
I am using firmware V1.0.1.90.
The default remote management URL for Netgear is https://ipaddress:8443. The URL I am referring to which is exposed is different, hence the original request.
If people are responding with responses like "it's ok to have it exposed, it's like using Amazon"... thank you, but please refrain from responding, as exposing administrative interfaces to routers from external network locations is not even close to the same thing as a publicly facing site.
- ArunGupta Nov 23, 2019 Apprentice
I totally understand what you are saying. Just to clarify, are you actually able to login or is the router just displaying the username/password screen and would actually reject login attempts? If you are actually able to login to the router from an external network with remote management turned off, it should be marked as a security bug in firmware.
I cannot test this because I run the router in AP mode which greys out remote management.
- michaelkenward Nov 24, 2019 Guru - Experienced User
Straitpipe wrote:
The default remote management url for Netgear is https://ipaddress:8443.
This is, of course, also the entry point through Remote Management itself, but with the address
https://[username].mynetgear.com:8443
How would someone else find your WAN address from a coffee shop?
Or is it just a random attack thing?
- GabboCH Nov 25, 2019 Apprentice
If you have a fixed WAN address from your ISP it probably isn't difficult for someone to find out your specific IP address.
However, I'd imagine there are lots of tools out there that would just cycle through random IP addresses & look for an active response.
If the router responds to a request for WAN IP & opens a login page then you are wide open to a brute force attack.
Accepted, someone could only modify your router settings & mess up your network but I guess they can also see connected devices, change your password, open ports, enable port forwarding etc.
If the router is set to "Remote Management Disabled" then I, like the OP, would not expect the router to respond at all from outside the local network....
- Killhippie Dec 02, 2019 Prodigy
Have things changed with the new firmware update? 1.0.1.108? As said, if you can actually log in then report this as a security bug ASAP; if you can just see an HTTP login but can't actually log into the router itself, then as much of a pain as it is, you are going to have to wait till Netgear decides to use HTTPS. Contact them as many of us have and complain.
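Added example, not part of the thread and not Netgear code: a small check the router's owner can run from an outside network against their own WAN address to record whether a login prompt answers there, without submitting any credentials. Port 8443 is the remote-management port quoted in the thread; port 80 is an assumption, because the exposed URL is cut off in the original post.

```python
import http.client
import ssl
import sys

# (port, use_tls). 8443 comes from the thread; 80 is an assumed default HTTP port.
PORTS = [(80, False), (8443, True)]


def probe(host, port, use_tls=False, timeout=3.0):
    """Classify what answers on host:port. Sends one GET /, never a password."""
    if use_tls:
        # Routers usually present a self-signed certificate. We only want to
        # know whether something answers, so verification is disabled here.
        ctx = ssl.create_default_context()
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        conn = http.client.HTTPSConnection(host, port, timeout=timeout, context=ctx)
    else:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", "/")
        resp = conn.getresponse()
        body = resp.read(65536).decode("latin-1", "replace").lower()
    except (OSError, http.client.HTTPException):
        # Refused, filtered, timed out, or not speaking HTTP/TLS on this port.
        return "unreachable"
    finally:
        conn.close()
    # HTTP basic/digest auth challenge, or an HTML form with a password field.
    if resp.status == 401 and resp.getheader("WWW-Authenticate"):
        return "login-prompt"
    if 'type="password"' in body:
        return "login-prompt"
    return "http-other"


def audit(host, ports=PORTS):
    """Return {port: state} for every port in the list."""
    return {port: probe(host, port, tls) for port, tls in ports}


if __name__ == "__main__":
    # Defaults to localhost so the script runs offline; pass your own WAN IP.
    host = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    for port, state in audit(host).items():
        print(f"{host}:{port} -> {state}")
```

A "login-prompt" result with remote management disabled is the behaviour the original poster describes and is worth attaching to a report to Netgear; "unreachable" on every port is what GabboCH expects from that setting.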