Security Concerns. C7000v2

Have you seen this knowledge base article: 

https://kb.netgear.com/24314/How-do-I-specify-ReadyDLNA-media-server-settings-on-my-Nighthawk-router 

Are you operating in a crowded RF environment?  Lots of close neighbors, lots of devices that transmit Wi-Fi?

Hi Kitsap, thanks so much for the info. Yes, i have seen that and confirmed that DLNA is NOT enabled on my settings.and i have used the linked as a guide to inspect the expectation. 

as for a crowded RF environment, that is a negative. I  live in a fairly rural area and although i can see my neighbors, none are close enough to interfere via their equipment. 

Can you please advise what your answer would have been had i said yes? i am interested in this because although i am not in a crowded RF area, perhaps the solution lies a the manufactured RF environment from a party trying to infiltrate the network.   

thanks so much! 

---

@HeadPhoneJack wrote:

Hi Kitsap, thanks so much for the info. Yes, i have seen that and confirmed that DLNA is NOT enabled on my settings.and i have used the linked as a guide to inspect the expectation. 

 

as for a crowded RF environment, that is a negative. I  live in a fairly rural area and although i can see my neighbors, none are close enough to interfere via their equipment. 

Can you please advise what your answer would have been had i said yes? i am interested in this because although i am not in a crowded RF area, perhaps the solution lies a the manufactured RF environment from a party trying to infiltrate the network.   

thanks so much! 

---

If you had a crowded RF environment with a number of "electronically" close neighbors, it could complicate the process of tracking down the device where the DLNA server is running. 

Any number of devices connected to your network can be host to a DLNA media server besides your router.  Computers, phones, tablets, televisions, game stations, etc. can often be configured, or by default are configured for a media server.

Through the application you provided the screen shot from, or from the router user interface, click or double tap on the connection to reveal additional details.  What you are looking for is a MAC address of the device where the connection is associated.

Do a web search for the MAC address.  The first three groups of alpha numeric characters should identify a manufacturer.  It may not be a manufacturer you recognize as it could be the manufacturer of the Wi-Fi radio in the device you are trying to identify.  Not the manufacture's name on the outside.

If per chance the MAC address you identify is the address of your router, then you have not been successful in shutting down the server running on your router.  Remember it is not unusual for devices to have multiple MAC addresses.  For instance, a router could have one for the Ethernet connections and one for each Wi-Fi radio band.

If you are connecting to a new iPhone, it has a MAC address randomize feature that can present several addresses to the connection.  Newer Samsung phones as well as Windows 11 computers also have that feature.

This is great info. thanks so much for sharing! 

By chance do you have anything connected to the USB port on your C7000v2?

HI, 

Thanks for hanging in there with me.

This is getting to a point where it is a little scary. As I have been really trying to find out what's happening on my network, I noticed that my admin page, does not have all the options shown on any tutorials i have watched on the C7000v2. There is no option for Parental controls. JPG attached. 

To answer your question, no, there is no USB attached. Confirmed and documented as far as picture from my FING app page and photo of the Gateway at the same time. 

-My Admin page is missing an option. Anything I have watched regarding Netgear products, have QOS or parental controls on the basic tab of the admin page, mine does not have anything of the sort. Similarly to the above questions, a photo, taken 6/22/22, has the menu option available. has there been an update since 6/22/22 that would have removed this from my basic tab? could someone spoof a log in page and keep this option off? 

-It is clear there is something not right here. Is this something to contact Law enforcement about? My ISP? Netgear? who would care about this sort of anomaly?  

Based on your attached jpg, it appears you are configuring your router with a long depreciated Netgear Genie application.

You should be logging in to your router user interface via a web browser using the router's IP address.

Doubtful anyone would go to the effort to spoof a login page.  Unless you have some high value information on your network, law enforcement would not be concerned.  What general area of the US are you located?

For reference, review this knowledge base article:

https://kb.netgear.com/119/How-do-I-set-up-and-install-my-NETGEAR-router

Go to the section on using a web browser.  AVOID, I repeat, avoid the mobile application.

Yes Sir, 

-I use a computer and ethernet cable plugged into ethernet port on the back.

-Launch Crome

-Type in URL bar 192.168.0.1

-Admin name (default cannot change) 

-Password (very Strong) 16-22 Char, Multiple Cap, Number, symbol, and lowercase.

    (never saved digitally, only written in notebook kept with me at all times) 

-then Net gear Genie loads

For the record, what was screen shot, was from a wireless connection, but i have videoed the admin page after log in from secure laptop with ethernet cable and i am immediately directed to NETGEAR genie on that, confirmed. 

what should it be? 

i do have the app but do not use it for anything but looking at devices on the network. 

confirmed this morning it to lacks options that are presented on the information page on IOS app store.

 
should i delete the App from my phone? is it susceptible to anything?

I live in southern New Hampshire.

Agreed, my network and devices do not hold anything worth monetary or informational value.

My household does have members who are likely hiding communication with what appears to be someone who is rather savvy and motivated. (Background story checks out, which is what has led me here this week). 

EDIT to the above: 

I tried to use routerlogin.com as directed on the reference guide. 

I was directed to a page directing me to the app. 

Listed below the app option, were options on if I wanted to log in to use the above process of entering 192.168.0.1. 

i cleared Cache, on Chrome, Tried again, same results,  Used Edge, cleared cache on that, same results. Both browsers were circular links back to the net gear page directing me to the app. 

The mobile applications are of very marginal value.  The degree of value depends on whether on iOS or Android, and on how new the design of the device you are connecting to.  The base design of your C7000v2 is not recent.

Look on the nameplate on your C7000v2, it should list the default IP address for your device.  Possibly 192.168.1.1 or some other variation.

Another reference here:  https://kb.netgear.com/27199/I-can-t-access-my-router-what-do-I-do

Snip attached from the opening screen on the user interface on my R9000.

You may have to be persistent to get to the user interface via a web browser.  Netgear is intent on forcing users toward the mobile application.