NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
6.9.3 : Bug with static ip adresses
Situation:
I configure static IP address and DNS server on eth0 via ReadyNAS webgui
Static DNS server shows up in resolv.conf:
root@NAS2:~# cat /etc/resolv.conf
# Generated by Connection ...
Of course that is possible, but that is besides the point.
If GUI offers a way to use static IP addresses, then it should work properly.
I managed to work around this by manually fixing dhcpd.conf, but Netgear should fix this for ppl that do not want to enable ssh.
One could even see this as security bug. An attacker could place a DHCP server in the same subnet to change DNS and even default gateway that were staticly defined and via that way become man in the middle.
(But of course if an attacker has access to your network, then you may have bigger issues.)
rgerrits wrote:
One could even see this as security bug. An attacker could place a DHCP server in the same subnet to change DNS and even default gateway that were staticly defined and via that way become man in the middle.
DHCP isn't a secure protocol to begin with, so that's a hard case to make. DHCP clients will discover and respond to the attacker's server, and it can set the gateway and subnet mask to force all traffic from those clients to a man-in-the-middle server. That's already toxic - having it touch a few more devices that use static addresses doesn't make it much worse. Yes, the attacker could climb through that window, but why bother - the door is standing wide open.
FWIW, I use DHCP with reserved addresses, and I haven't seen my configured DNS servers change on the NAS. That said, as long as the DNS servers resolve correctly I might not.
Netgear should look at this, since your analysis does suggest something isn't quite right.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
