NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
NETGEAR Router Remote Management BAD
I own a R8000P router. I have it specifically set up to NOT allow Remote Management If I type in the http://<external IP Address> from another physical location, it prompts me for credentials and th...
jpharper999 wrote:
No newer firmware available according to the Management Check functionality of router
Not always a reliable guide.
It can miss things like this:
R8000P Firmware Version 1.4.1.82 - Hot Fix | Answer | NETGEAR Support
Always better to visit the support pages for your device.
Manuals are always a good place to start.
Visit the support pages:
Support | NETGEAR
Feed in your model number and check the documentation for your hardware.
That page will also have any software, firmware and drivers for your device, if they exist.
Will try that... Appreciate ya pointing me to the Hot Fix.
Reading the notes... I do not think this update will fix the issue... Maybe I will get lucky... From a cyber security standpoint... The web login page should not even be accessible at all from outside unless Remote Management is specifically enabled. That in and of itself opens the router up to an attack which eventually could succeed.
Updated with Hotfix...
admin page still be advertised to outside my network...
Updated my password to a very large random sequence... oh well....
such is life
I have a vague recollection that something similar has come up before.
It turned out that the claim to be calling in from outside was no such thing. Typing in the "remote" IP address worked because the "caller" was in some way on the same network. Like I said, my recollection is hazy.
I'm not saying this is happening here, just that things can be a bit more complicated than is immediately obvious.
I have just failed in my attempts to break into my second network.
For research purposes, do your router's logs show any signs of this intrusion?
You say that you have not allowed remote management. Have you tried getting in through the conventional Remote Access route with the genie App? (See the manual for details of that.) That would show if the problem is dodgy security, or if that setting was not obeying your orders.
QUOTE: "turned out that the claim to be calling in from outside was no such thing. Typing in the "remote" IP address worked because the "caller" was in some way on the same network. Like I said, my recollection is hazy."
Response: I tested from a 10.x.x.x network at a different physical location when I first ran across this...
Granted... yesterday, after I applied the hot fix, it could have occurred then as I may have been on that network (192.168.x.x) as I have two different networks in to my house due to necessary business functionality so I will double check this later today when I go in to office.
QUOTE: "Have you tried getting in through the conventional Remote Access route with the genie App?"
Response: DUDE! I honestly forgot all about that as I do not use it very often... GREAT IDEA! and I will look at that...
I plan on doing a Full Scan on my external facing IP Address this weekend to see what all turns up... this should be interesting...
QUOTE: "do your router's logs show any signs of this intrusion?"
Response: Sadly... not anymore... I am a dummy and should have saved the log entry of admin logging in from external network... My initial thought on the issue was probably just a blip... reset router and wiped everything and reconfigured... While I got the page to come up yesterday, I did not attempt actual login. I will be retesting from external network today and, if the login page shows up, will capture logs. I am hoping you are right and I was on the same network after applying the hotfix and the login page does not come up...
Respectfully... and many thanks...
John P Harper