Re: What's the story with NETGEAR FVS328?
From: Duane Arnold (Notme_at_Notme.com)
Date: Sat, 07 May 2005 00:37:29 GMT
<firstname.lastname@example.org> wrote in message
>I have been using the NETGEAR FVS328 for about 6 months now. It
> connects a small and simple home network (a few Windows based PCs) to
> the Internet.
> I updated its firmware as soon as a stable version was released (first
> 1.0_09 and now I have 1.0_14).
If it wasn't broke then why did you fix it with and update?
> Yeah, we have no problem connecting to the internet, but the question
> is... is it safe enough? Does it really do the job of firewalling by
> being hack-proof or is it as reliable as Microsoft Windows itself... ?
It and the Windows O/S are reliable enough if you know how to configure them
properly for security, if it and the Windows O/S you're using can be
configured or *harden* to attack.
> Points in question:
> * Every once in a while, the logs email ceases to function - until I
> reboot the unit. I don't mind rebooting every 6 months, but rebooting
> once a week is really annoying. Previously I used to have a
> Linux RedHat 6.2 based firewall (ipchains) and I rarely had to
> reboot it.
> * The DNS lookup function using the web interface simply doesn't work.
> * Every once in a while (frequency not yet determined) I get an
> "Administrator Interface Connecting" message logged, despite the fact
> that no one in my home as attempted to connect to this router via the
> web interface.
Did it work on the old firmware?
> There are a few more problems that leave a lot to be desired (comparing
> to my old Linux RedHat 6.2 based firewall), but the most troubling
> problem is the feeling that my NETGEAR FVS328 has been
> compromised/hacked by some external hacker, but I have no way of
> knowing that since the logs of this thing are useless... (first, some
> of them never being emailed, but even if I received all of them, the
> logs are simply filled with irrelevant data witouth any way to filter
> out unnecessary entries). I never had this problem with my no-cost
> Linux RedHat 6.2 based firewall.
Kiwi Syslog Daemon will allow you to use capture the logs and dump them into
a database such as MS Access, SQL Server and others and using something like
Crystal Reports and filter out anything you don't want to see. That feature
only comes with the paid for version.
> So, the obvious question is: did I buy a lemon?
> If not, then how do I verify that this thing is not used to attack my
> LAN from inside?
Well some use a PFW solution at the machine level to supplement the NAT
> BTW, I contacted NETGEAR tech support back then when I first learned
> about the scary "Administrator Interface Connecting" messages, but it
> was completely useless as the only thing they were able to suggest was
> upgrade my firmware from 1.0_09 to 1.0_13 BETA.
> Any thoughts? Ideas? Similar experience?
If you were using a true FW on a host gateway computer, then why would you
get a NAT router with no true (FW) instead of a low-end FW appliance that
meets the specs for *What does a FW do* in the link.
This link may help you with more information.
Hey, if you're not doing high risk things like port forwarding on the NAT
router, then the NAT router is good enough for home usage.
Low-end FW appliances have a reasonable price now of days.
The old saying goes you get what you pay for.