×  Introducing Nighthawk RS700 WiFi 7 (BE) Router. For more details, please visit Nighthawk Tri-Band WiFi 7 Router.

Start a New Discussion

Start a New Discussion

Reply

Re: Firmware auto update domain

PyroDog
Apprentice
Apprentice
‎2018-01-29 07:44 AM
‎2018-01-29 07:44 AM

Firmware auto update domain

I was running firmware 2.0.0.74 on my Orbi system with NVRAM set to disable updates. Everything was running prefect as that firmware is rock steady for me. Today I found my system had self updated to the latest firmware even though NVRAM was set to prevent this.

Does anyone know what domain name Orbi uses when self updating? I'm thinking of blocking the domains at the firewall level to prevent Orbi from selfupdating again.

Model: RBK50| Orbi AC3000 High-Performance Tri-Band WiFi System
Message 1 of 8
Labels:
0 Kudos
Reply

Accepted Solutions
rhester72
Virtuoso
Virtuoso
‎2018-02-02 09:52 AM
‎2018-02-02 09:52 AM

Re: Firmware auto update domain

Kept digging on this and learned the following:

 

TCP port 443 (HTTPS): http.fw.updates1.netgear.com

 

TCP port 21 (FTP): updates1.netgear.com

 

I believe those two are all that's necessary to block.  Orbi tries HTTPS first, then FTP.

View solution in original post

Message 3 of 8
Reply

All Replies
rhester72
Virtuoso
Virtuoso
‎2018-01-29 11:55 AM
‎2018-01-29 11:55 AM

Re: Firmware auto update domain

I suspect this will be very hard to block.

 

When I just checked, Orbi did an A-record lookup for:

 

A1599ER83NVYL8.iot.us-west-2.amazonaws.com

Message 2 of 8
Reply
rhester72
Virtuoso
Virtuoso
‎2018-02-02 09:52 AM
‎2018-02-02 09:52 AM

Re: Firmware auto update domain

Kept digging on this and learned the following:

 

TCP port 443 (HTTPS): http.fw.updates1.netgear.com

 

TCP port 21 (FTP): updates1.netgear.com

 

I believe those two are all that's necessary to block.  Orbi tries HTTPS first, then FTP.

Message 3 of 8
Reply
PyroDog
Apprentice
Apprentice
‎2018-02-02 09:53 AM
‎2018-02-02 09:53 AM

Re: Firmware auto update domain

Thank you! 

Message 4 of 8
0 Kudos
Reply
Mayhugh1
Apprentice
Apprentice
‎2018-02-02 12:16 PM
‎2018-02-02 12:16 PM

Re: Firmware auto update domain

Does that keep them out of the Orbi or just out of the computers on the LAN behind the Orbi ?

 

Model: RBK53| Orbi Router + 2 Satellites Orbi WiFi System
Message 5 of 8
0 Kudos
Reply
rhester72
Virtuoso
Virtuoso
‎2018-02-02 02:13 PM
‎2018-02-02 02:13 PM

Re: Firmware auto update domain

It should prevent the Orbi from finding any updates to the firmware.

Message 6 of 8
0 Kudos
Reply
PyroDog
Apprentice
Apprentice
‎2018-02-05 06:11 PM
‎2018-02-05 06:11 PM

Re: Firmware auto update domain

I want to thank you for your posts. I went a step further and blocked all internet access for the Orbi units using my firewall. I'm pleased to see this workaround works great at preventing forced updates.Screen Shot 2018-02-05 at 8.07.52 PM.png

 

 

Message 7 of 8
Reply
Hawk600
Star
Star
‎2018-02-07 07:27 AM
‎2018-02-07 07:27 AM

Re: Firmware auto update domain

Can you please provide more details how did you do that?

 

These auto-updates by NG besides a failure are just anoying and disrespectful with customers.

There are some posts on this forum from certain NG "developers" that clearly show how arrogant and at the same time ignorant they are.

They think they now everything and assume all customers are just dumb.

 

Message 8 of 8
Reply
Top Contributors
See All
Discussion stats
  • 7 replies
  • ‎2018-01-29 07:44 AM
  • 4963 views
  • 4 kudos
  • 4 in conversation
Announcements

Orbi WiFi 6E