Is the Netgear GS 108 Safe? (was: Netgear GS 108 Prosafe security vulnerability)

[Geoff]

https://www.bleepingcomputer.com/ne...- ... n-devices/

Those of us who use this device for our networks should do a bit of research on this. There are several links on bleepingcomputer to start. I've downloaded the latest firmware, but haven't checked my device to see if it's up to date. If there are geeks who can shed further light on this please weigh in. Specifically, my question would be are the audiophile switches, such as English electric or Bonn units, built on this hardware? Definitely change your default password.

Could someone with access please copy/paste this to the Kabin etc.

[springwood64]

I couldn't find any posts regarding Netgear GS108T.

Even if it does have security flaws, it's not going to create security weaknesses for those of us using it with an internet router, since the internet router provides the defenses against external attack, not the Netgear.

[matthias]

Page of the link doesn't exist.

[Geoff]

https://www.bleepingcomputer.com/news/s ... d-routers/

I'm sorry, this is a better link. I had many tabs open doing my research, and I copied the wrong one. The links at the bottom of the page show further research.

I'm not certain that it's only routers. They did make a Prosafe router, but these are also labeled Prosafe. My firmware is at the latest version, and I think I don't allow remote access.

[lejonklou]

I don’t really see the relevance of this thread. The subject line is misleading, as there is no vulnerability in the GS-108T that applies to how we use it; in a local area network where access to the internet is through a router.

If you have a Netgear Prosafe router you might want to check whether you’re affected, but I don’t think this forum is the right place to warn about general internet safety issues.

[Geoff]

I'm not reading that bulletin the same way Fredrik, as my gut says they run the same codebase. All a router adds is the ability to connect to a WAN? Plus my feeling is you wouldn't have routers located, as one article states, "at the edges of networks" These are "end of life" devices that haven't seen firmware updates, but still function well, were acquired cheaply, are a PITA to replace, if they are even noticed under someone's desk, and thus are perfect targets for compromise. I tried to find a complete list of the devices, but couldn't.

Fredrik, I hope you are right, but better safe than sorry. An ounce of prevention is worth a pound of cure. Knowledge is power. Etc.

[jajo]

This is 100% irrelevant.

All of us (yes, I dare to say that) have our switch behind a firewall (the router) and because of that it cannot be accessed in any way by a hacker from WAN (Internet). These vulnerabilities rely on access to services running on the hardware (like the web server for configuration). These resources are never exposed to the WAN (Internet) unless the user has consciously done so by setting such rules in their router/firewall.

Reasons to worry: none.

[Geoff]

I'm happy to hear that delivered so absolutely. This is why I posted this, to get expert advice.

Still my question here is can't these things respond to a probe by a hacker? Isn't it child's play to get past consumer class routers security? The homepage of Bleepingcomputer had the latest penetration of Russians using Ubiquity routers they had exploited. Once inside a network they could then, as one article said, use the Netgear units to "live off the land". They said these units were compromised for years, constantly pinging servers awaiting instructions. It is said the FBI shut those URL's down, but aren't these devices still compromised, awaiting further instructions, or a new exploit? When I look at the logs my NAS makes, there seem to be "penetrations" every several minutes from IP addresses located in obscure nations. It is behind my carrier supplied modem, my always updated Asus router, and my 108T. The NAS itself has it's own firewall.

And further to this, I live in Taiwan, which ups my threat environment significantly. I am reassured by the absolutist responses here, thank you, but Estonia, Sony, the IRS, Equifax, and a bunch of QNAP NAS's have been hacked, so let's never say never shall we? The price of freedom is eternal vigilance.

[jajo]

Still my question here is can't these things respond to a probe by a hacker? Isn't it child's play to get past consumer class routers security?

No. It is not.

But if you manage to get through the router/firewall - why would you care about the Netgear Switch? You can access everything on the network at this point, regardless of the switch.

If your goal is to capture any non-encrypted traffic (which is almost none nowadays) you would probably get the most interesting traffic through the router that is already hacked.

In any case, A GS-108 will never be an entry point for hackers in a normal network setup.

[springwood64]

It's very important to secure the internet router and gateway. Make sure that you have changed the administrator password and the firmware is up to date.

Make sure at all your WiFi access points are secured with non default passwords and the most secure authorisation that your router supports.

Disable guest WiFi access.

Your WiFi is actually one of the more vulnerable parts of the system if coverage extends beyond your property.

In contrast, the Netgear switch provides no external access to your network or devices, so its security status is not important.

Any personal computers or mobiles, especially devices that are used to access email or websites, are also a security risk, though not to the issues identified in the article you linked to.

For domestic users, the most common risk is identity theft or malicious access to financial accounts.

[jajo]

Most important is to use a Wifi-password that is completely random (no words) and at least 8 characters long.

But still, attacking wifi require that you are in close proximity to the router. That exclude most of the threats.

Attacking a router through the internet (remote) is virtually impossible even if passwords are crap.