A question for our network gurus.
Posted on 05/22/2017 9:23:15 AM PDT by LouAvul
I recently installed a Netgear Nighthawk X6 router. I've replaced the default passwords with 10-digit, random, unrelated characters.
Two of my devices (a desktop and a laptop) are running Avast free virus protection.
When I run an Avast scan, it says Service is vulnerable to attacks from within your network. When I click on their recommended solution, they say to update the firmware. I've gone to the Netgear website and it says all is updated.
I recently vacationed in Colorado. I stayed at a private condo and used their wifi. I ran the Avast scan on my laptop. At my home, when I run the scan, I get the above warning. But at the CO condo, it gave me the A.O.K on all counts.
At my home, at any given time, I have six devices in my network. An Android television. Two iPhones. Two laptops. And two desktops.
Is the Avast scan saying my network is vulnerable to being hacked from outside my home? Or is it saying that the devices within my network are subject to being hacked by another device within my network?
Some device on your network may not be up to date?
In parameter - troubleshooting - port settings - check the box ignore local communications and / or remove port 80
Also, one of the laptops is running AVG. When I run a scan on that computer, ditto, no warning.
If that’s the case, then the warning only applies to devices already in my network? Nobody uses any of my devices other than my wife and myself.
I do this by logging onto the Netgear website for my router’s configuration?
Maybe they just want you to install Avast on every computer on your network.
What device is it saying is vulnerable? This could be anything from an open port on the network to a protocol-based exploit. Does Avast provide any guidance on what’s being scanned?
But by putting a strong password on your network, you have prevented any unauthorized hackers from getting on to attack you. Avast can’t know this, all it sees is the local machine.
One thing you might check is if UPnP is enabled on the router/switch. UPnP is often enabled by default on consumer-grade routers, and it’s a BIG target for exploits.
Not exactly. Using a strong password on a single device doesn't protect all of the traffic going through the device. Switches/routers are just "dumb" devices that send traffic to and from a source and destination. If those devices are configured with transport controls such as port forwarding, you could have problems beyond the strong password.
True, but not relevant. In order for internal hackers to attack you, they have to get a non-routable subnet IP by connecting to the router. Then they can use an ARP shout to build their internal routing table, and try to connect to other devices without going through the gateway.
This is not relevant to internal attackers because when you connect to GRC, you are going through the router, and using NAT. An internal attacker could connect directly over the local subnet.
Whut? Internal hackers? It’s a home network. If they’re already inside, it’s a moot point.
You can ARP from any machine in the network, and presuming it’s a flat architecture (no VLANs), every device on the network is going to be in the ARP table. Not hard to determine endpoint addresses at that point. Gateway isn’t an issue, because a flat network is all Layer 2. No need for routing.
You said the strong password protected the network. Ingress to a network from the Internet is done through open ports. If a port or ports is open to the Internet (e.g. 80, 443, 445, 3389), they can be accessed without using the password associated to the router.