×

Introducing the Orbi 970 Series Mesh System with WiFi 7(BE) technology. For more information visit the NETGEAR Press Room.

Orbi WiFi 7 RBE973
Reply

Re: Newbie questions

ArtLee
Apprentice

Newbie questions

I'm three days into using my new Orbi RBK50. And, I have a couple of questions...

 

  • Should UPnP be set to on??? 
  • Shoud I have Implicit Beamforming turned on??? And, Enable MU-MIMO???
  • Do I need to do anything about DOS attacks I see in the log??? I gather I'm (relatively) safe...

Everything seems to be working now...

Model: Orbi High-Performance AC3000 Tri-Band WiFi System (RBK50)
Message 1 of 17
DukeSilver
Star

Re: Newbie questions

Hi!  The answer to all three questions is an emphatic NO.

Message 2 of 17
ArtLee
Apprentice

Re: Newbie questions

Thanks. I notice that UPnP is turned on... I'm wondering if there is a downside to turning it off...

Model: Orbi High-Performance AC3000 Tri-Band WiFi System (RBK50)
Message 3 of 17
DukeSilver
Star

Re: Newbie questions

If you have connected devices that need to discover each other then UPnP may need to be enabled. It is likely you do not as this is actually a rarer case then it used to be.  If you do not need it then disable it as it is a potential security hole.   I had UPnP enabled on my R7000 and had frequent remote access intrusions.

 

From

http://www.makeuseof.com/tag/what-is-upnp-and-why-is-it-dangerous-makeuseof-explains/

 

  • Programming Errors – there are oversights in the actual code for UPnP implementations that can be exploited by malicious users, allowing them to execute harmful code through injection.
  • Unintended Exposure – the purpose of UPnP is to make devices on a network easily discoverable by other devices on that network. Unfortunately some UPnP control interfaces can be (and routinely are) exposed to the public Internet, allowing malicious users to find and gain access to your private devices
Message 4 of 17
ArtLee
Apprentice

Re: Newbie questions

Well, I don't know if I have devices that need to discover each other or not. 

Model: Orbi High-Performance AC3000 Tri-Band WiFi System (RBK50)
Message 5 of 17

Re: Newbie questions

@DukeSilver

 

UPnP is needed for all sorts of things and our devices use it daily and you will have issues with 2 way communications if its of eg torrents wont work well , windows messenger and facebook messenger wont work plus many more things

 

UPnP is there for far more things that just connecting between machines , turning it of is a paranoid security measure at best and overkill for the average home router

 

pete

Message 6 of 17
DukeSilver
Star

Re: Newbie questions

Thanks for the advice.  It is simple to turn it off and see if you really need it.  I have it off and have no issues with any services\devices on my network.  

 

I read "paranoid" to be smart and safe.  Don't open ports\enable services you do not need.    If I have UPnP enabled I see frequent remote access login attempts.  

 

As with all advice - do your homework, make your own decisions, live with the consequences.

 

Per Ars Technica article:

 

They identified 81 million unique addresses that responded to standard UPnP discovery requests, even though the standard isn't supposed to communicate with devices that are outside a local network. Further scans revealed 17 million addresses exposed UPnP services built on the open standard known as SOAP, short for simple object access protocol. By broadcasting the service to the Internet at large, the devices can make it possible for attackers to bypass firewall protections.

Message 7 of 17

Re: Newbie questions

so do you port forward ?

Message 8 of 17
ArtLee
Apprentice

Re: Newbie questions

Thank you both. I have seen numerous DOS attempts in the router log. I also notice my old router, an older Airport Extreme had it turned off, I think. I never touched it, but going over old AE docs, it apparently is turned off by default, but the AE uses something else, NAT something, to do the same thing.

Model: Orbi High-Performance AC3000 Tri-Band WiFi System (RBK50)
Message 9 of 17
DukeSilver
Star

Re: Newbie questions

DOS attempts are not related to UPnP being enabled.  You cannot stop DOS attempts.  Netgear is the only firmware I am aware of that logs these attempts.  They are nothing to be worried about.  

Message 10 of 17
ArtLee
Apprentice

Re: Newbie questions

I'll just ignore all those DOS attacks, then.

Model: Orbi High-Performance AC3000 Tri-Band WiFi System (RBK50)
Message 11 of 17
DukeSilver
Star

Re: Newbie questions

No, I currently have no ports forwarded (no need yet to access any of my devices outside my network or to provide access to my devices to others outside my network).  If Arlo comes way down in price that may change.

Message 12 of 17

Re: Newbie questions


@ArtLee wrote:

I'll just ignore all those DOS attacks, then.


just untick the dox in the log so it doesnt report them

Message 13 of 17
ArtLee
Apprentice

Re: Newbie questions

So, do I port forward? No, I don't even know what it is. 

Model: Orbi High-Performance AC3000 Tri-Band WiFi System (RBK50)
Message 14 of 17

Re: Newbie questions


@ArtLee wrote:

So, do I port forward? No, I don't even know what it is.


thn i suggest you just leave UPnP tyrned on or you will have to port forward anything that need 2 way comms and that includes game consoles

Message 15 of 17
ArtLee
Apprentice

Re: Newbie questions

Yes, I think I'll just leave it turned on. Thanks...

Model: Orbi High-Performance AC3000 Tri-Band WiFi System (RBK50)
Message 16 of 17

Re: Newbie questions

i will say however make sure you have a good working paid for antiuvirus software on all your clients devices so bad software or viruses etc cant be installed on those devices which may then take advantage of UPnP to access the internet

Message 17 of 17
Top Contributors
Discussion stats
  • 16 replies
  • 5296 views
  • 2 kudos
  • 3 in conversation
Announcements

Orbi WiFi 7