NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
NightHawk R7000p - Http uses an insecure authentication procedure
I keep getting notifications from Lenovo and Bitdifender that my network "http uses an insecure authentication procedure" and tells me to update the software. I went checked for router updates and it...
CarlE_01 wrote:
Thanks for the feedback, hopefully I can clear it up.
Not really. You have just repeated what we already knew and added a few bits of probably irrelevant detail.
Try this:
Search - NETGEAR Communities – Bitdefender
Follow some of those items and you will see that this has been going on for years.
Bitdefender makes money by scaring people. Perhaps with Halloween coming up we can expect to see more scary stuff around.
In the meantime, you might like to Lenovo security, whatever that is, and Bitdefender and ask them what is going on.
Hardware Version: R7000P
Firmware Version: V1.3.1.64_10.1.36
Thanks for the help, I appreciate it.
About 2-3 months ago, when I bought the router, Lenovo & Bitdefender were not acting up like this.
> I keep getting notifications [...]
When you do what, exactly? What's the whole, actual message?
Copy+paste is your friend.
> [...] from Lenovo and Bitdifender [...]
"Lenovo"? Really?
> [...] it traced the risk back to the router**
What's the whole, actual message? Copy+paste is your friend.
It's common to get complaints from a web browser when you use the
router's management web site, because the browser is worried about your
sending some user credentials over an unencrypted/insecure link
("http://" instead of "https://"). The easy thing to do is ignore the
warning, and proceed. Presumably, you're talking to your own gizmo on
your own LAN. If someone can overlisten to that traffic, then you're
already in big trouble. From your description, it's not clear what's
emitting these messages which are bothering you, or why.
Thanks for the feedback, hopefully I can clear it up.
Issue: Whenever I connect to my home network, I get a pop up from Lenovo security and Bitdefender that my network is unsecure and could have "malicious activity". The issue is recent, it just started happening like a week or two ago. I thought maybe it was the firmware and checked for updates, but it keeps showing that the NightHawk(AC2300, R7000P, V1.3.1.64) firmware is up to date.
Whenever I connect to any other public wi-fi, I just get a warning that the wi-fi is unsecure, and I know thats to be expected because its public wi-fi.I just don't understand why I'm getting a warning on my home network for "malicious activity".
Hopefully you can see the screenshot, Bitdefender is suggesting I upgrade to the latest firmware, but acording to NetGear the router is up to date.
My question then is, what could possibly be sparking up my anti-virus that there is malicious activity on my home-network? Also, the internet/wi-fi keeps dropping, but I've been looking around the forums here, and I think I found a solution for that.
*I disabled the SSID, run a VPN, have an AV (bitdefender), and of course have a WPA2 password for the wi-fi.*
> Http uses an insecure authentication procedure
That seems to be a poor description of the actual "problem", namely
that your "Netgear router" uses HTTP (rather than HTTPS) to handle its
login authentication. Which is the situation described previously.
("Http" doesn't "use" anything. The router's management web site uses
HTTP for its login authentication page.)This seems to be a message from Bitdefender. I know nothing about
"Lenovo security".> [...] what could possibly be sparking up my anti-virus that there is
> malicious activity on my home-network? [...]Read it again. It didn't detect any malicious activity; it detected
a (potential) vulnerability. Namely, a malicious user who has already
gained access to your LAN could learn your routers "admin" username and
its associated password, and use them to fiddle with your router. Which
is a threat only if a malicious user has _already_ gained access to your
LAN.> [...] If someone can overlisten to that traffic, then you're
> already in big trouble. [...]Still true. But it's not a way for anyone in the outside world to
break into anything (unless he's already broken into something else in
some other way).> RISK o HIGH
Not how I'd assess it. At worst, it's a secondary threat.
CarlE_01 wrote:
Thanks for the feedback, hopefully I can clear it up.
Not really. You have just repeated what we already knew and added a few bits of probably irrelevant detail.
Try this:
Search - NETGEAR Communities – Bitdefender
Follow some of those items and you will see that this has been going on for years.
Bitdefender makes money by scaring people. Perhaps with Halloween coming up we can expect to see more scary stuff around.
In the meantime, you might like to Lenovo security, whatever that is, and Bitdefender and ask them what is going on.
I assume that when home your network is configured as Private and not Public? If Private I am surprised at Bitdefender popping up as I run Bitdefender and have never seen that, both now and when I was running Netgear routers.
CarlE_01 wrote:My question then is, what could possibly be sparking up my anti-virus that there is malicious activity on my home-network?
You are barking up the wrong tree. The warning does not come up because there was malicious activity detected on your network. It comes up because Bitdefender looks at the gateway IP (your router IP) and tries to get an HTTP router login page to come up. If it is successful then it gives you the warning because the HTTP protocol is not secure. If the check for a HTTP login page fails or automatically redirects to HTTPS then it passes and no warning comes up. There is no malicious activity that triggers this. Bitdefender deliberately makes the warning look scary to convince you that it's doing something.
Having said that, there may be malicious activity on your network but it is not the cause of this warning and Bitdefender has not picked up this activity if there are no other messages.
