1. Home
  2. Networking Firewalls
  3. What's the story with NETGEAR FVS328?

What's the story with NETGEAR FVS328?

I have been using the NETGEAR FVS328 for about 6 months now. It connects a small and simple home network (a few Windows based PCs) to the Internet.

I updated its firmware as soon as a stable version was released (first

1.0_09 and now I have 1.0_14).

Yeah, we have no problem connecting to the internet, but the question is... is it safe enough? Does it really do the job of firewalling by being hack-proof or is it as reliable as Microsoft Windows itself... ?

Points in question:

  • Every once in a while, the logs email ceases to function - until I reboot the unit. I don't mind rebooting every 6 months, but rebooting once a week is really annoying. Previously I used to have a Linux RedHat 6.2 based firewall (ipchains) and I rarely had to reboot it.
  • The DNS lookup function using the web interface simply doesn't work.
  • Every once in a while (frequency not yet determined) I get an "Administrator Interface Connecting" message logged, despite the fact that no one in my home as attempted to connect to this router via the web interface.

There are a few more problems that leave a lot to be desired (comparing to my old Linux RedHat 6.2 based firewall), but the most troubling problem is the feeling that my NETGEAR FVS328 has been compromised/hacked by some external hacker, but I have no way of knowing that since the logs of this thing are useless... (first, some of them never being emailed, but even if I received all of them, the logs are simply filled with irrelevant data witouth any way to filter out unnecessary entries). I never had this problem with my no-cost Linux RedHat 6.2 based firewall.

So, the obvious question is: did I buy a lemon?

If not, then how do I verify that this thing is not used to attack my LAN from inside?

BTW, I contacted NETGEAR tech support back then when I first learned about the scary "Administrator Interface Connecting" messages, but it was completely useless as the only thing they were able to suggest was upgrade my firmware from 1.0_09 to 1.0_13 BETA.

Any thoughts? Ideas? Similar experience?

Thanks, Lynn

P.S. For those who are curious why I bought this firewall/router if my Linux-based firewall was so good: I was simply trying to get rid of the noise (HDD and other fans) and wasteful power consumption.

Reply to
linuxlover992000
Loading thread data ...

If it wasn't broke then why did you fix it with and update?

It and the Windows O/S are reliable enough if you know how to configure them properly for security, if it and the Windows O/S you're using can be configured or *harden* to attack.

Did it work on the old firmware?

Kiwi Syslog Daemon will allow you to use capture the logs and dump them into a database such as MS Access, SQL Server and others and using something like Crystal Reports and filter out anything you don't want to see. That feature only comes with the paid for version.

formatting link

Well some use a PFW solution at the machine level to supplement the NAT router.

If you were using a true FW on a host gateway computer, then why would you get a NAT router with no true (FW) instead of a low-end FW appliance that meets the specs for *What does a FW do* in the link.

formatting link
This link may help you with more information.

formatting link
Hey, if you're not doing high risk things like port forwarding on the NAT router, then the NAT router is good enough for home usage.

Low-end FW appliances have a reasonable price now of days.

The old saying goes you get what you pay for.

Duane :)

Reply to
Duane Arnold

Well, it *was* broke. It actually exhibited the same problems that I currently have, except that it would take it a little longer before logs would stop being emailed. As I described in my original posting, I contacted NETGEAR's customer support, but all I received from them was a suggestion to upgrade to the latest firmware (which was Beta at the time, so I waited until they released a "stable" one before going ahead with the update).

The old firmware had the 1st and 3rd problems as well. As for the 2nd problem (DNS lookup) I don't remember how it behaved with the older firmware, but currently it seems to be correlated to the email halt.

Notice that once I hard-reset the NETGEAR FVS328 (unplug, then re-plug power conncetor), it starts emailing logs again (and the DNS works as expected).

That is exactly what I do. Each and every of the PCs connected through this router/FW also run some version of ZoneAlarm.

What do you mean by that? I thought that the NETGEAR FVS328 *is* a firewall... I can program it at least to block all traffic by default and only allow the protocols/port/ip combinations that I specifically indicate. What do you mean by saying it is "not a true firewall"?

Yes, I did read the links you provided (thank you), but couldn't find anything there that indicates that the NETGEAR FVS328 is not a firewall.

Well, I don't think I do any port forwarding (why would I need something like that?), but I do want to protect personal data that is conveniently located on a Samba server from hackers access. That Samba box is connected to the LAN but has no access to the Internet - at least as long as no one hacked the FVS328...

So, the obvious question is: Is the NETGEAR FVS328 "hackable"? I know that in theory *everything* is hackable, but I am basically interested to know whether there have been reports of sub $200 NETGEAR appliances (like mine) being hacked/compromised.

Can you name one or two such for example?

Thanks! Lynn

Reply to
linuxlover992000

snipped-for-privacy@yahoo.com wrote in news:1115686697.713068.260150 @z14g2000cwz.googlegroups.com:

Well I had the same types of problems with the Linksys NAT router of having to do hard resets to fix problems such as lock-ups and other things that continually happened with the router. I never had another peep out of that router after I got a UPS/AVR system to keep the power clean and constant. That fixed my problems. Maybe you have the same and it's something else in your case.

If you had a FW appliance, then you would not need to supplement the NAT router with a PFW solution on any machine. I got rid of them on all machines expect for my laptop since it could be in a mobile situation. I don't even use the one that is on Linux running the Samba server.

It's suppose to do that by default. But maybe you had to configure it to do so on the NetGear.

Well that router seems to be closer than most NAT routers to be something that is being a packet filtering FW that can set rules. Most are not like that.

That's if you had software running on a machine that needed ports open on the router to the public Internet, like your Linux machine running a Web server port 80 HTTP would need to be forwarded to the LAN IP/machine that had the Web server running so that a user could contact the Website/Web server.

, but I do want to protect personal data that is

I know that attacks can be run against NAT routers and all I can tell you is that probes came past that Linksys NAT router at SQL Server a couple of times and the only thing that stop it was the PFW solution running on the machines. Hey that's Linksys I don't know about the Netgear. That prompted me to go gat a FW appliance to protect IIS, SQL Server and some other things on the machines and I have not looked back.

WatchGuard Firebox III SOHO 6 and and I think its replacment X5 series.

But there are others besides WG link Sonicwall, Netscreen, Snapgear, Cisco.

Hey my situation is different and your set-up may be perfectly fine for you needs.

Duane :)

Reply to
Duane Arnold

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.