NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
warpdag
Jan 25, 2020Apprentice
RBR850 Massive Security Fail - Many ports responding to requests
Just bought the thing, using the latest firmware V3.2.9.2_1.2.4. Did not Disable Port Scan and DoS Protection. WAN ports respond to unsollicited requests, instead of ignoring. They do respond clo...
FURRYe38
May 24, 2020Guru
Well if there is a valid app or device accessing the port, then the port would be open at the time if GRC was being tested.
Here is my GRC results with everything conneted and working normally:
Well, seems like this new version of FW is helping or chaning what had been seeing in prior versions of FW. Users will be encouraged to update.
warpdag wrote:
And I did just that, I bought into Ubiquiti (see attached photo, with UPnP enabled just to make a point, but note that a cheap/old TP-Link AP I had lying around worked just as well).
Also note that what you’re describing is incorrect, GRC shouldn’t see open ports, period. The router should track sessions and behave accordingly, i.e. if an IP knocks at a certain port but there’s no ongoing session with this IP, the response should be drop (no response), even if the port is open to service ongoing, valid sessions.
tantrum
May 24, 2020Apprentice
Just because a port is open doesn't mean packets won't or can't be filtered and dropped because they are coming from another session, as warpdag described, thus appearing to a 3rd party like GRC like the port is still stealthed even if the network is actively communicating over it.
I think we're done here. Again, glad to see this be fixed by NG.