Showing results for 
Search instead for 
Did you mean: 

DoS with Netgear routers


DoS with Netgear routers

An interesting news article.

Network hardware maker Netgear has warned its customers of a flaw in some of its router products that could set off an "accidental" denial of service (DoS) attack.

The problem occurs because of a flawed implementation of the Network Time Protocol (NTP), which is a method commonly used by network devices to contact special "time" servers that pass on the correct time and date. This information is important for routers because they generate a variety of time-sensitive logs.

The flawed routers work fine until the moment one of their periodic requests for the correct time goes unanswered. If for whatever reason the "time" server is unavailable, the flawed router will continue sending requests until it is answered.

Earlier this year, the University of Wisconsin's NTP server was the victim of a huge DoS attack. The University claims it was receiving 250,000 requests per second, which equated to hundreds of megabits per second. The attack was not planned or malicious, but caused by hundreds of thousands of low-cost Netgear routers repeatedly requesting the latest time, causing the University's NTP server to fail.

According to the University of Wisconsin, which is currently working with Netgear to resolve the issue, the "unexpected behaviour of these products presents a significant operational problem for years to come." A full report of the attack is available on the University's Web site.

Only Netgear router models RP614, RP614v2, DG814, MR814 and HR314 are affected by the flaw. Anyone using one of these models should upgrade their firmware with an appropriate patch from the Netgear Web site.