NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Blocking HTTPS sites, truth vs lies.
Let me be clear and say that my knowledge is limited, no one knows everything about computers. I am fairly new, I have only been programming since the 1980's. Yes, I did look and yes, I see that the same issue has been brought up many times. I also keep seeing the same lame excuse that, quite frankly seams like a lie. I am going to call BS on this, ask the question again, and see if we can't get somewhere with it. The lie: "HTTPS pages are encrypted and the router can't see the content, hence, it can't block access to HTTPS pages." This same excuse keeps being used. This tired statement starts out true, about being encrypted and not seeing page content. It is also true that the ability to block the page, based on a scan of the page content, could not function. However; that claim fails to be true when it is used as an excuse for not blocking a domain name. The truth: The URL of an encrypted page is NOT encrypted or it couldn't be routed to its destination. Currently, there is no reason this router shouldn't be able to block HTTPS pages by applying the filter to the domain name. I understand that a URL mask can be applied server-side and HTTPS encryption used to hide the true destination. Yes, I know there are work-arounds for crafty programmers/hackers. That said, applying the filters to the known URL would allow a significantly effective block for many things. When we are looking at router level filters, we are not talking about national defense or stopping a truly determined expert hacker. Given a little opportunity, I doubt 1 out of 10,000 people would be able to keep a novice hacker out of their personal computer. That said, it would be most helpful to many of us if Netgear would simply apply the filters, we have already input, to the URL and stop the average person from simply typing https://facebook.com and getting what they want when we told you to block facebook.com. Ok so the next suggestion at this point might be to use the Genie app with the parental controls. That simply isn't an option. For reasons I will rant about in a future post, the Genie app is itself a security breach and not viable in its current design. So, no more lies please, even if you can't filter HTTPS pages by content scan, at least implement the filters on the URL so we can effectively block most of the things we don't want getting through. I do feel strongly about this and will not apologize for my tone. I am not a networking expert. If there is something I am missing, will someone PLEASE explain it to me because I have yet to read an explanation here that made any sence. Thank you for your consideration.
XR500 internet time setup and SSH access
Hi experts. Couple of questions for you. I recently bought the XR500 as I got seduced by the DumaOS screens. I previsouly had a Netgear R7000 which I had flashed with DD-WRT Kongo. Liked it a lot but to be honnest the idea of having fancy bandwidth graphs pushed me to the XR500. While the interface is really neat, there are number of features I miss from DD-WRT, and some other upgrades I am hoping for (more icons for the devices e.g. switches, the ability to disconnect a device from the network as the blocking feature works only if the device tries to connect...). I am running version V2.2.1.10 which I believe is the latest one. To the questions: - I must be a little tired or something... how do we change the timezone ? Programming the wifi ON/OFF on specific hours would be much easier if the router was set on my timezone... - is SSH connection blocked ? putty tells me "connection refused"? - I seem to be able to access the interface thru HTTP or HTTPS... how do I limit to HTTPS? thanks much! Arnaud
Installing third party SSL certificate?
I searched far (Google) and wide (NETGEAR forum), but could not find the answer to this question for our beloved R7000. Is there any way to install a proper PKI-chained SSL certificate from a third party like Comodo or StartCom SSL? Currently, when enabling HTTPS access for remote management, my/all browsers get angry because the R7000 is using a self-signed certificate: I have a free StartCom SSL cert all generated and ready to install. The problem is, I cannot find a way to share this certificate, intermediate cert, and private key, with my router. Thanks! - Dave
