NightHawk R7000p - Http uses an insecure authentication procedure

antinode
Guru
Oct 08, 2019
> I keep getting notifications [...]

   When you do what, exactly? What's the whole, actual message?
Copy+paste is your friend.

> [...] from Lenovo and Bitdifender [...]

   "Lenovo"? Really?

> [...] it traced the risk back to the router**

   What's the whole, actual message? Copy+paste is your friend.

   It's common to get complaints from a web browser when you use the
router's management web site, because the browser is worried about your
sending some user credentials over an unencrypted/insecure link
("http://" instead of "https://"). The easy thing to do is ignore the
warning, and proceed. Presumably, you're talking to your own gizmo on
your own LAN. If someone can overlisten to that traffic, then you're
already in big trouble. From your description, it's not clear what's
emitting these messages which are bothering you, or why.
- CarlE_01
  Aspirant
  Oct 08, 2019
  Thanks for the feedback, hopefully I can clear it up.
  
  Issue: Whenever I connect to my home network, I get a pop up from Lenovo security and Bitdefender that my network is unsecure and could have "malicious activity". The issue is recent, it just started happening like a week or two ago. I thought maybe it was the firmware and checked for updates, but it keeps showing that the NightHawk(AC2300, R7000P, V1.3.1.64) firmware is up to date.
  
  Whenever I connect to any other public wi-fi, I just get a warning that the wi-fi is unsecure, and I know thats to be expected because its public wi-fi.I just don't understand why I'm getting a warning on my home network for "malicious activity".
  
  Hopefully you can see the screenshot, Bitdefender is suggesting I upgrade to the latest firmware, but acording to NetGear the router is up to date.
  
  My question then is, what could possibly be sparking up my anti-virus that there is malicious activity on my home-network? Also, the internet/wi-fi keeps dropping, but I've been looking around the forums here, and I think I found a solution for that.
  
  *I disabled the SSID, run a VPN, have an AV (bitdefender), and of course have a WPA2 password for the wi-fi.*
  - antinode
    Guru
    Oct 09, 2019
    > Http uses an insecure authentication procedure
    
       That seems to be a poor description of the actual "problem", namely
    that your "Netgear router" uses HTTP (rather than HTTPS) to handle its
    login authentication. Which is the situation described previously.
    ("Http" doesn't "use" anything. The router's management web site uses
    HTTP for its login authentication page.)
    
       This seems to be a message from Bitdefender. I know nothing about
    "Lenovo security".
    
    > [...] what could possibly be sparking up my anti-virus that there is
    > malicious activity on my home-network? [...]
    
       Read it again. It didn't detect any malicious activity; it detected
    a (potential) vulnerability. Namely, a malicious user who has already
    gained access to your LAN could learn your routers "admin" username and
    its associated password, and use them to fiddle with your router. Which
    is a threat only if a malicious user has _already_ gained access to your
    LAN.
    
    > [...] If someone can overlisten to that traffic, then you're
    > already in big trouble. [...]
    
       Still true. But it's not a way for anyone in the outside world to
    break into anything (unless he's already broken into something else in
    some other way).
    
    > RISK o HIGH
    
       Not how I'd assess it. At worst, it's a secondary threat.

Forum Discussion

NightHawk R7000p - Http uses an insecure authentication procedure