|reply to msmisfit |
Re: WNDR3800 Security questions
said by msmisfit:
Am I right or wrong to assume that this router has basic/default firewall/security settings out of the box?
I had a Linksys router before and didn't have to do anything to the security settings, but I have a hard time understanding the settings that I can find in the Netgear router. Is there anything I need to do to make sure I'm protected on the WAN side? TIA....
out of the box, it should have an SPI and NAT enabled(mine did). Really, its more about having your computers have a decent firewall than anything else. The router auto drops ping and other requests from the WAN(unless you have a port forwarded for it). I would suggest you change the default password(and login if you know how), because even tho external access is disabled by default, there is a flaw that allows remote attackers to gain access to the router config interface via the WAN port, and if you have the default password still, well, you know the rest. I turned the SPI firewall and NAT off on mine because its not conductive to torrents or FPS gaming(NAT by its very nature causes more latency, as does the SPI firewall, and it can only go so fast). As long as each individual computer that is on your LAN side is protected, you should be fine. Never rely on a router for a firewall, because routers will all to easily give up what is connected to them.
All my computers have firewalls, but I wanted the additional security of the router's firewall.
Earletp [here] gave me the instructions on how to change the access codes in an earlier thread I started. Thanks for the additional info you've given me and responding to my IM so quickly. I really appreciate it.
|reply to Chubbysumo | said by Chubbysumo:
... even tho external access is disabled by default, there is a flaw that allows remote attackers to gain access to the router config interface via the WAN port, and if you have the default password still, well, you know the rest.
I forgot to ask you if this "flaw" has to do with WPS, which I disabled as advised somewhere [at BBR or the Netgear forum]. I read that it could be hacked.