jpharper999
Sep 01, 2021, Tutor
NETGEAR Router Remote Management BAD
I own an R8000P router. I have it specifically set up to NOT allow Remote Management. If I type in the http://<external IP Address> from another physical location, it prompts me for credentials and th...
michaelkenward
Sep 02, 2021, Guru - Experienced User
I have a vague recollection that something similar has come up before.
It turned out that the claim to be calling in from outside was no such thing. Typing in the "remote" IP address worked because the "caller" was in some way on the same network. Like I said, my recollection is hazy.
I'm not saying this is happening here, just that things can be a bit more complicated than is immediately obvious.
I have just failed in my attempts to break into my second network.
For research purposes, do your router's logs show any signs of this intrusion?
You say that you have not allowed remote management. Have you tried getting in through the conventional Remote Access route with the genie App? (See the manual for details of that.) That would show if the problem is dodgy security, or if that setting was not obeying your orders.
jpharper999
Sep 03, 2021, Tutor
QUOTE: "turned out that the claim to be calling in from outside was no such thing. Typing in the "remote" IP address worked because the "caller" was in some way on the same network. Like I said, my recollection is hazy."
Response: I tested from a 10.x.x.x network at a different physical location when I first ran across this...
Granted... yesterday, after I applied the hot fix, it could have occurred then as I may have been on that network (192.168.x.x) as I have two different networks into my house due to necessary business functionality so I will double check this later today when I go in to the office.
QUOTE: "Have you tried getting in through the conventional Remote Access route with the genie App?"
Response: DUDE! I honestly forgot all about that as I do not use it very often... GREAT IDEA! and I will look at that...
I plan on doing a Full Scan on my external facing IP Address this weekend to see what all turns up... this should be interesting...
QUOTE: "do your router's logs show any signs of this intrusion?"
Response: Sadly... not anymore... I am a dummy and should have saved the log entry of admin logging in from external network... My initial thought on the issue was probably just a blip... reset router and wiped everything and reconfigured... While I got the page to come up yesterday, I did not attempt actual login. I will be retesting from external network today and, if the login page shows up, will capture logs. I am hoping you are right and I was on the same network after applying the hotfix and the login page does not come up...
Respectfully... and many thanks...
John P Harper
- michaelkenward, Sep 03, 2021, Guru - Experienced User
jpharper999 wrote:
QUOTE: "turned out that the claim to be calling in from outside was no such thing. Typing in the "remote" IP address worked because the "caller" was in some way on the same network. Like I said, my recollection is hazy."
Response: I tested from a 10.x.x.x network at a different physical location when I first ran across this...
Granted... yesterday, after I applied the hot fix, it could have occurred then as I may have been on that network (192.168.x.x) as I have two different networks into my house due to necessary business functionality so I will double check this later today when I go in to the office.
A 10.x.x.x network is just another local (LAN) address somewhere else. (It is one that routers sometimes pick when the setup routing detects that something else is already squatting on 192.168.x.x.) It is the WAN IP address that tells you if it is breaking any security rules.
In my test, I went from one WAN IP address and tried to break into a different IP address.
I'm not saying that what you see is not possible. I am never surprised by the security holes that people discover. It just makes sense to investigate all possible wrinkles before losing too much sleep. If using 10.x.x.x is a way around the security, then it certainly needs mending. I leave it to the network experts to fathom that one out.
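The point made in the reply above (a 10.x.x.x address is still a LAN-side address, and only the WAN address shows whether a test came from outside) can be checked before trusting a "remote" login-page test. This is an added example, not part of the original posts and not NETGEAR code; the function names are hypothetical, the addresses are constructed documentation-range values, and the tester's egress address is assumed to have been read from an external "what is my IP" service.

```python
import ipaddress

# Ranges that are never the public WAN side of a home router: RFC 1918
# private space, RFC 6598 carrier-grade NAT, loopback and link-local.
NON_WAN_RANGES = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
)]

EXTERNAL = "external: tester leaves from a different WAN address"
INTERNAL = "internal: tester shares the router's WAN address (same network)"
INCONCLUSIVE = "inconclusive: one of the addresses is not a public WAN address"


def is_lan_side(addr):
    """True if addr sits in a range that cannot be a public WAN address."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in NON_WAN_RANGES)


def classify_test(tester_egress, router_wan):
    """Decide whether a login-page test really came from outside.

    tester_egress: public address the tester's traffic leaves from
                   (assumption: looked up via an external service)
    router_wan:    address typed into the browser to reach the router
    """
    if is_lan_side(tester_egress) or is_lan_side(router_wan):
        # A 10.x.x.x or 192.168.x.x value says nothing about the WAN path.
        return INCONCLUSIVE
    if ipaddress.ip_address(tester_egress) == ipaddress.ip_address(router_wan):
        # Same public address: the request never crossed the WAN boundary.
        return INTERNAL
    return EXTERNAL


if __name__ == "__main__":
    # Constructed sample values (documentation ranges), not real hosts.
    print(is_lan_side("10.20.30.40"))                       # LAN address
    print(classify_test("198.51.100.20", "203.0.113.10"))   # two WAN IPs
    print(classify_test("203.0.113.10", "203.0.113.10"))    # same network
```

Only an "external" result means the login page was reached across the WAN, which is the case where the Remote Management setting matters.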