NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Feedback for R7000 New firmware 1.0.9.18
Hi All,
Please post here for any update/issue related to the latest firmware 1.0.9.18.
You should review this and maybe revert back to this recommended version of FW:
Alfikwrote:I've looked here again after a while and I can't belive the problem is still not solved....
Since I've flashed Tomato a few weeks ago I've forgotten that I have a router- it's working perfectly getting dust because i do not touch it at all :-)...
Parental control works perfectly, 0 drops, strong signal - save your time and do a similar thing!
Exactly my sentiments this whole time. This needed to be high priority. Not wait and see who complains. You currently have two choices. Flash router with advanced tomato or buy a new one. You can certainly go backwards, but do that with serious caution.
- See, im glad someone is watching me...
- Advance Tomato supports AC on the R7000. Used it to 18 months.
- Fix for Krack is the client side. So if you are using this as a standard router then you don’t need krack fix.
juched wrote:
Fix for Krack is the client side. So if you are using this as a standard router then you don’t need krack fix.Fix for KRACK is on either side. I posted links about this before in these forums, or you can read the website FAQ for the exploit. Because not all clients are fixed, and some may never be fixed, router-side fixes are extremely useful.
Ok, this has the potential to be a long response since it's part about Netgear's response and part philosophical..
I work in the networking infrastructurer/security field. It would be very embarassing for me to have a home router that gets compromised. The reason I chose the R7000 in the first place was because of it's strong signal (1 unit to *almost* cover a 3200sq ft house) and the fact that they keep the code up to date. This second part has come to bite us all..
I have been on this thread since the beginning. People clearly don't understand the repercussioins of downgrading the code. The problem with a router is, by definition it *must* be Internet-facing. That means it's exposed, not to individuals attacking it (by the way, take a look at your logs to see who's [trying to] probe your network), but also bots, which pound on it daily. I'm all the way down to 1.0.7.12. It's been ~36 hours and I appear to be very stable. But it's still 1.0.7.12!
Advanced Tomato looks great, but without a KRACK fix, now all I've done is fixed the border in exchange for an "inside" attack. In my particular case, that's not quite as bad, since my I'm in a sub-suburban area. I would not recommend it to anyone in a densely-packed area. I'm more concerned that KRACK has been out for a while, and AT hasn't fixed it, which tells me development has stalled/stopped (I haven't followed Tomato in years). It makes me wonder what else hasn't been patched.
At this point, as a security professional, I have to recommend people move on to another vendor. Ubiquiti, Asus (open source), Synology, Google, Eero -- all provide systems that are regularly patched and don't seem to be ignored.
I have purchased another router. Blizzard notwithstanding, hopefully it will arrive tomorrow. I'll put it in production over the weekend. My R7000 will probably stay at 1.0.7.12, but put in AP-only mode; signal strength turned down; placed in a lower-signal area of my house. Eventually, it will get retired.
Netgear appears to be addressing the issue, just far too slowly for my acceptance. This is still better than some of the other vendors (notice the ones missing in the list above). I don't see me coming back to Netgear for my primary router for a while, but I won't discount it. But I expect it will be years. The larger damage is, I won't be recommending their routers to people for a long time.
Good luck, everyone.