- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have the Actiontec MI424WR-GEN3I router Firmware: 40.21.24
I just ran the Nessus scanner to check the security of the router and it found a whole bunch of problems.
Here is the list. Do you have a firmware upgrade to help with these issues?
SSL 64-bit Block Size Cipher Suites Supported (SWEET32)
SSL Certificate Cannot Be Trusted
SSL Certificate Signed Using Weak Hashing Algorithm
SSL DROWN Attack Vulnerability (Decrypting RSA with Obsolete and Weakened eNcryption)
SSL Version 2 and 3 Protocol Detection
SSL Weak Cipher Suites Supported
SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE) SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection
UPnP Internet Gateway Device (IGD) Protocol Detection
Solved! Go to Correct Answer
Correct answers
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Its not a cop out.
This is a peer to peer support forum.
Verizon does not respond to issues here.
When it comes to software updates to Verizon router, you have to talk to them directly.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is a peer to peer support forum.
You will need to contact support.
1800verizon or twitter @verizonsupport.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That's a cop out. "Talk to someone else." Not solved. No kudos.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
After explaining that my Actiontec MI424WR-GEN3I router has many vulnerabilities, the response from Verizon Support is: "You have reached Verizon Technical Support. You can continue to use our router or your own.^NHP"
"We give you a router. Just don't expect it to be secure."
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@sullivan wrote:After explaining that my Actiontec MI424WR-GEN3I router has many vulnerabilities, the response from Verizon Support is: "You have reached Verizon Technical Support. You can continue to use our router or your own.^NHP"
"We give you a router. Just don't expect it to be secure."
Technically they give nothing for free. The update to your router sent out by Verizon Fios and even cable companies should secure it from OUTSIDE ATTACKS just like Netgear and Belkin and Asus had done via a firmware update.
You may see your own network which is normal.
go to http://www.grc.com and take the shields up test by Gibson Research.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Its not a cop out.
This is a peer to peer support forum.
Verizon does not respond to issues here.
When it comes to software updates to Verizon router, you have to talk to them directly.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Not familiar with the nessus scanner. Is it reporting these vulnerbilities against your WAN (external access) or internal.
Be sure to turn off external router admin (in the advanced options). Should be off by default.
Yes the internal ssl option to the router admin page(which most don't even turn on) is using weak certificates and most of other things you mentioned. If do have wan admin off most of the problems mentioned don't matter. Also the PnP options can be turned off. If you can't find the page (they hid it awhile back) its at http://192.168.1.1/index.cgi?active%5fpage=900 (logon first).
Remember you are asking peers here. Not Verizon Support.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Apologies. Thought you were saying that you only dealt with P2P networking issues. I thought I was dealing with Verizon. The fact that peers have more information than Verizon is not surprising. I suppose I had a hard time wrapping my head around the fact that Verizon is so useless. You guys are performing a much needed service. I did turn off the PnP, so that's an improvement. Ultimately I'm buying a new router. It doesn't answer the much larger question of why Verizon is putting insecure routers in people's homes in the first place, and most people don't know. There's essentially a bunch of backdoors into your network. What's additionally surprising is that if you do a search for secure routers, there's very few websites that even deal with the issue. Tons of pages on all the different types of routers, not much on security. That's troubling.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I think the key phrase there is "cable companies should secure it". There's a difference between giving nothing away for free and giving me a compromised router with backdoors. I appreciate your help.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@sullivan wrote:I think the key phrase there is "cable companies should secure it". There's a difference between giving nothing away for free and giving me a compromised router with backdoors. I appreciate your help.
I appreciate the thank you 😀
The world we live in today is in a very cautious state. And you can see why.