NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
RAXE500 no longer get attack warnings
I've never been so unhappy after purchasing a router as I have been with this RAXE500. But I'll have to live with it now that I've spent the $600 to get it!
Yesterday I upgraded the firmware from V1.0.11.94 to V1.2.13.100. Prior to the upgrade, I kept seeing numerous "attacks" on my network. After the upgrade, no more attacks show up in my logs. So either router is lying or the Internet has suddenly become a much nicer and kinder place? Has anybody else seen this problem with this release.
In addition to the above problem, prior to the firmware upgrade, devices that connected on the 6G network showed their "Connection Type" as "6G Wireless" but now they show up as just a "-". The 5G and 2.4G devices still show up as their respective types.
Can I roll back this firmware version to either my previous version or to V1.2.12.96 without losing all my settings?
I now want to comment on Netgear's useless, underpowered app that they continue to hype as the end-all and be-all of router configuration. It is just plain crap and shoulld be avoided at all costs. Lastly, for the amount that I paid for this router, you would think that security would be built in instead of having to purchase it on a yearly subscription model. If I could get my money back on this device, I would do so in a heartbeat.
GChuck
michaelkenward Netgear have changed the attack logging so I apologise as I was surprised its so different, but it is the way its meant to be now on The RAXE500 as you guessed.
I was given this reply via Netgear. "Engineering comments: Understood and we changed the DoS attack determination rules since there are a lot of false alarms in previous version. It’s the enhancement in v1.2.13.100.
I don’t think it is an issue."Also there is a trial version to cure option 60-61 missing but users with that issue would need to contact Netgear.
20 Replies
Replies have been turned off for this discussion
GChuck wrote:
Yesterday I upgraded the firmware from V1.0.11.94 to V1.2.13.100. Prior to the upgrade, I kept seeing numerous "attacks" on my network. After the upgrade, no more attacks show up in my logs. So either router is lying or the Internet has suddenly become a much nicer and kinder place? Has anybody else seen this problem with this release.
If you mean DosAttacks, perhaps your experience is a sign of progress and that Netgear is finally getting its act together.
Netgear's firmware is great at creating false reports of DoS attacks. Many of them are no such thing.
Search - NETGEAR Communities – DoS attacks
Use Whois.net to see who is behind some of them and you may find that they are from places like Facebook, Google, even your ISP.
Here is a useful tool for that task:
IPNetInfo: Retrieve IP Address Information from WHOIS servers
I now want to comment on Netgear's useless, underpowered app that they continue to hype as the end-all and be-all of router configuration. It is just plain crap and shoulld be avoided at all costs.Most people follow your advice. The Nighthawk app is there for people who want a simple life, especially when setting up a new device, and then want to use local and Anywhere Access to manage a few basic operations with a mobile device.
Can I roll back this firmware version to either my previous version or to V1.2.12.96 without losing all my settings?Yes, if you don't reset the router.
If you haven't found it yet, this is a useful tool when playing with a router:
How do I back up the configuration settings on my Orbi WiFi System? - NETGEAR Support
A lot of this is in the manuals.
Visit the support pages:
Support | NETGEAR
Feed in your model number and check the documentation for your hardware.Thank you for the response regarding the DOS attack messages.
Now I have one further question. Are these DOS type messages generated by the firmware in the router, or by the Armor software. I reset to factory my router and then reconfigured it but I did not use the Nighthawk app (so hopefully did not enable the Armor software). I did this to allow me to use the “Access Control” settings in the router, which were unavailable as long as the Armor software was enabled. By the way, I did purchase a year’s worth of Armor, but don’t want to enable it until I can figure out if it is useful or not.
GChuck
GChuck wrote:
Now I have one further question. Are these DOS type messages generated by the firmware in the router, or by the Armor software.
We see regular reports here of logs loaded with DOS Attacks even when the router has never seen a whiff of Armor.
By the way, I did purchase a year’s worth of Armor, but don’t want to enable it until I can figure out if it is useful or not.That's for you to decide. I know nothing about Armor. I don't pay for things that I can't see the need for.
I have the same issue, but when there are no port scans showing (there are every day) I used Gibsons very old firewall scanner which always sets off that warning, nope. all attack warnings no longer appear, now while its nice not to see Netgears paranoid firewall throwing up them, they do happen and this firmware has introduced a bug where they don't show up at all, and yes that's after a factory reset as well.
Also what happened to all the DHCP 60-61 issues people where having, if you search it on Google it shows up, but there is no link when clicked on, like its been removed? This firmware seems a bit of a mess, and the last one had issues for almost a year. Not great whatsoever.
Thanks for that answer. It's what I thought. I think I might revert my router back to my previous version (1.0.10.86) and then upgrade it to V1.0.12.96 to see what else breaks. This is my first (and probably last) Netgear router. Can't say I'm impressed!
GChuck
All routers have bugs, don't let this put you off, the RAXE500 is a capable router, speedtest over PPPoE was broken in V1.0.12.96 and you cant use 40Mhz on 2.4Ghz (which you should not be anyway) I had no issues with that firmware for a year. I'm staying on this latest one, I've seen this bug on the RAX120 years back and with some of the other issues Netgear will get this fixed, but if you want run V1.0.12.96 just keep an eye out for possible security updates that means running 1.2.13.100. Also the router is blocking port scans and etc its just not logging them and many people turn the logging of that event off as its annoying but you still have the protection, after all its only a log. The router is still working as it should to protect you and this version although with a few bugs has a lot of fixes too. Id rather stay up to date for security than roll back and be vulnerable. the version you were running was quite old, its best to stay up to date for your own protection if possible. Netgear are aware of the issues. If they pulled the posts to option 60-61 not working (not saying they did) I would say these told people to roll back who use that option and will get it fixed.
