PDA

View Full Version : Beware the NetGear firmware upgrade



kjhurni
24-Aug-2012, 14:26
If you have a NetGear WNDR4500, do NOT upgrade to firmware .18

Apparently NetGear messed up and the firmware causes the router to spew
out WOL packets every 5 minutes.

Even worse, apparently some NIC/system boards (Mine's an ASUS)
completely ignore the BIOS setting to disable WOL (you can disable it,
and the darn thing still responds to a WOL anyway).

I thought my PC was haunted because a few minutes after I'd turn it
off, it'd come back on.


--
The opinions expressed are my own.
Check out my OES2 Guides:
Installing OES2 SP2:
http://www.novell.com/communities/node/11600/oes2-sp2-installation-guide
Upgrading to OES2 with ID Transfer:
http://www.novell.com/communities/node/11601/oes2-sp2-migration-guide-transfer-id-scenarios
GroupWise Migration with OES2 ID Transfer:
http://www.novell.com/communities/node/11602/groupwise-migration-netware-oes2-sp2-transfer-id
------------------------------------------------------------------------
kjhurni's Profile: http://forums.novell.com/member.php?userid=734
View this thread: http://forums.novell.com/showthread.php?t=459291

Simon Flood
24-Aug-2012, 15:02
On 24/08/2012 14:26, kjhurni wrote:

> I thought my PC was haunted because a few minutes after I'd turn it
> off, it'd come back on.

ROTFL!
--
Simon
Novell/SUSE/NetIQ Knowledge Partner

------------------------------------------------------------------------
Do you work with Novell technologies at a university, college or school?
If so, your campus could benefit from joining the Novell Technology
Transfer Partner (TTP) program. See novell.com/ttp for more details.
------------------------------------------------------------------------

craig wilson
24-Aug-2012, 16:26
What I dont get is the WOL packet is supposed to only wake you up if it
matches your NIC Address.

Are these packets just being generated for MAC Addresses it sees on
random? Is it some type of Zero'd out MAC address that is being treated
as WOL Wildcard?

(I've looked for WOL Wildcard info, but never saw this as being a valid
option)


On 8/24/2012 9:26 AM, kjhurni wrote:
>
> If you have a NetGear WNDR4500, do NOT upgrade to firmware .18
>
> Apparently NetGear messed up and the firmware causes the router to spew
> out WOL packets every 5 minutes.
>
> Even worse, apparently some NIC/system boards (Mine's an ASUS)
> completely ignore the BIOS setting to disable WOL (you can disable it,
> and the darn thing still responds to a WOL anyway).
>
> I thought my PC was haunted because a few minutes after I'd turn it
> off, it'd come back on.
>
>


--
Craig Wilson - MCNE, MCSE, CCNA
Novell Knowledge Partner

Novell does not officially monitor these forums.

Suggestions/Opinions/Statements made by me are solely my own.
These thoughts may not be shared by either Novell or any rational human.

Dave Howe
24-Aug-2012, 16:43
On 24/08/2012 16:26, craig wilson wrote:
> What I dont get is the WOL packet is supposed to only wake you up if it
> matches your NIC Address.
>
> Are these packets just being generated for MAC Addresses it sees on
> random? Is it some type of Zero'd out MAC address that is being treated
> as WOL Wildcard?

NetGears usually like being their network's DHCP server - that means
they usually have a nice list of what mac belongs to what IP address.

I would imagine this rogue code was populating its table from there.

Dave Howe
24-Aug-2012, 17:58
On 24/08/2012 16:43, Dave Howe wrote:

> I would imagine this rogue code was populating its table from there.

Come to think of it, I recall one of the solaris based firewalls had
this as a "feature" - if you had a NAT down to a host, and the tcp
connection failed on connect, it would ping it. if that failed it would
send it a WOL to see if that woke it up to accept the connection....

George
24-Aug-2012, 18:32
On 8/24/2012 11:43 AM, Dave Howe wrote:
> On 24/08/2012 16:26, craig wilson wrote:
>> What I dont get is the WOL packet is supposed to only wake you up if it
>> matches your NIC Address.
>>
>> Are these packets just being generated for MAC Addresses it sees on
>> random? Is it some type of Zero'd out MAC address that is being treated
>> as WOL Wildcard?
>
> NetGears usually like being their network's DHCP server - that means
> they usually have a nice list of what mac belongs to what IP address.


The router would need to build an ARP cache so even if it wasn't the
DHCP server it would have that list.


>
> I would imagine this rogue code was populating its table from there.
>

kjhurni
24-Aug-2012, 18:46
craig_wilson;2215131 Wrote:
> What I dont get is the WOL packet is supposed to only wake you up if it
> matches your NIC Address.
>
> Are these packets just being generated for MAC Addresses it sees on
> random? Is it some type of Zero'd out MAC address that is being
> treated
> as WOL Wildcard?
>
> (I've looked for WOL Wildcard info, but never saw this as being a
> valid
> option)
>
>
> On 8/24/2012 9:26 AM, kjhurni wrote:
> >
> > If you have a NetGear WNDR4500, do NOT upgrade to firmware .18
> >
> > Apparently NetGear messed up and the firmware causes the router to
> spew
> > out WOL packets every 5 minutes.
> >
> > Even worse, apparently some NIC/system boards (Mine's an ASUS)
> > completely ignore the BIOS setting to disable WOL (you can disable
> it,
> > and the darn thing still responds to a WOL anyway).
> >
> > I thought my PC was haunted because a few minutes after I'd turn it
> > off, it'd come back on.
> >
> >
>
>
> --
> Craig Wilson - MCNE, MCSE, CCNA
> Novell Knowledge Partner
>
> Novell does not officially monitor these forums.
>
> Suggestions/Opinions/Statements made by me are solely my own.
> These thoughts may not be shared by either Novell or any rational
> human.

From my limited reading on the NetGear forums, it's how the router
keeps track of "attached" devices (yes, I'm using it as my DHCP server,
plus I have some port forwarding going on), and they screwed up somehow
and decided that WOL should be the method to find stuff (go figure).

'WNDR4500 auto send WOL packets FW V1.0.1.18_1.0.36 - NETGEAR Forums'
(http://forum1.netgear.com/showthread.php?p=414196)
'Firmware 1.0.1.18 & WOL - Page 3 - NETGEAR Forums'
(http://forum1.netgear.com/showthread.php?t=77778&page=3)

Even more disturbing though is that my motherboard (and others) still
respond to a WOL request even if you disable it in the BIOS. Nice.


--
The opinions expressed are my own.
Check out my OES2 Guides:
Installing OES2 SP2:
http://www.novell.com/communities/node/11600/oes2-sp2-installation-guide
Upgrading to OES2 with ID Transfer:
http://www.novell.com/communities/node/11601/oes2-sp2-migration-guide-transfer-id-scenarios
GroupWise Migration with OES2 ID Transfer:
http://www.novell.com/communities/node/11602/groupwise-migration-netware-oes2-sp2-transfer-id
------------------------------------------------------------------------
kjhurni's Profile: http://forums.novell.com/member.php?userid=734
View this thread: http://forums.novell.com/showthread.php?t=459291

Massimo Rosen
25-Aug-2012, 10:16
On 24.08.2012 19:46, kjhurni wrote:
>
> Even more disturbing though is that my motherboard (and others) still
> respond to a WOL request even if you disable it in the BIOS. Nice.

WAD. The motherboard settings are only of interest if the PC has been
attached to a power line after it was totally power free.

Otherwise, the previous settings of the OS nic driver come into play,
and the motherboard/bios settings are totally ignored. In both directions.

E.G: Your BIOS has WOL enabled, but in Windows in the nic properties,
you disable it. Boot Windows, shut windows down (but keep PC connected
to a power line), WOL will be disabled, regardless what your BIOS
setting is. Cut power line completely, put power back. WOL is on, until
windows boots the next time and lods the NIC driver.

CU,
--
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de

kjhurni
27-Aug-2012, 15:06
mrosen;2215281 Wrote:
> On 24.08.2012 19:46, kjhurni wrote:
> >
> > Even more disturbing though is that my motherboard (and others)
> still
> > respond to a WOL request even if you disable it in the BIOS. Nice.
>
> WAD. The motherboard settings are only of interest if the PC has been
> attached to a power line after it was totally power free.
>
> Otherwise, the previous settings of the OS nic driver come into play,
> and the motherboard/bios settings are totally ignored. In both
> directions.
>
> E.G: Your BIOS has WOL enabled, but in Windows in the nic properties,
> you disable it. Boot Windows, shut windows down (but keep PC connected
> to a power line), WOL will be disabled, regardless what your BIOS
> setting is. Cut power line completely, put power back. WOL is on,
> until
> windows boots the next time and lods the NIC driver.
>
> CU,
> --
> Massimo Rosen
> Novell Knowledge Partner
> No emails please!
> 'Untitled Document' (http://www.cfc-it.de)

Thanks, although I had already disabled in Windows 7 as well (2nd thing
I tried after disabling it in the BIOS).

Although are you saying that if the NIC has the setting enabled in
Windows 7, that it somehow changes the hardware on the motherboard, so
that if the pc is powered off completely (not talking about
sleep/hibernate)--and that it may not be reflected in the BIOS?


--
The opinions expressed are my own.
Check out my OES2 Guides:
Installing OES2 SP2:
http://www.novell.com/communities/node/11600/oes2-sp2-installation-guide
Upgrading to OES2 with ID Transfer:
http://www.novell.com/communities/node/11601/oes2-sp2-migration-guide-transfer-id-scenarios
GroupWise Migration with OES2 ID Transfer:
http://www.novell.com/communities/node/11602/groupwise-migration-netware-oes2-sp2-transfer-id
------------------------------------------------------------------------
kjhurni's Profile: http://forums.novell.com/member.php?userid=734
View this thread: http://forums.novell.com/showthread.php?t=459291

Massimo Rosen
27-Aug-2012, 23:02
Kevin,

On 27.08.2012 16:06, kjhurni wrote:
>
> Although are you saying that if the NIC has the setting enabled in
> Windows 7,

Any Windows, not only 7.

> that it somehow changes the hardware on the motherboard,

It doesn't really "chnage" the hardware of course. It simply instructs
the nic to disable WOL, and as long as the PC has standby power, that
setting will stick.

> so
> that if the pc is powered off completely (not talking about
> sleep/hibernate)--and that it may not be reflected in the BIOS?

Correct. The BIOS obviously can't change the windows activated setting
again, until it gets invoked. Which it doesn't on a shutdown, but only
on a boot. ;)

CU,
--
Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de

kjhurni
28-Aug-2012, 15:46
mrosen;2215514 Wrote:
> Kevin,
>
> On 27.08.2012 16:06, kjhurni wrote:
> >
> > Although are you saying that if the NIC has the setting enabled in
> > Windows 7,
>
> Any Windows, not only 7.
>
> > that it somehow changes the hardware on the motherboard,
>
> It doesn't really "chnage" the hardware of course. It simply instructs
> the nic to disable WOL, and as long as the PC has standby power, that
> setting will stick.
>
> > so
> > that if the pc is powered off completely (not talking about
> > sleep/hibernate)--and that it may not be reflected in the BIOS?
>
> Correct. The BIOS obviously can't change the windows activated setting
> again, until it gets invoked. Which it doesn't on a shutdown, but only
> on a boot. ;)
>
> CU,
> --
> Massimo Rosen
> Novell Knowledge Partner
> No emails please!
> 'Untitled Document' (http://www.cfc-it.de)

Okay, thanks for the explanation.


--
The opinions expressed are my own.
Check out my OES2 Guides:
Installing OES2 SP2:
http://www.novell.com/communities/node/11600/oes2-sp2-installation-guide
Upgrading to OES2 with ID Transfer:
http://www.novell.com/communities/node/11601/oes2-sp2-migration-guide-transfer-id-scenarios
GroupWise Migration with OES2 ID Transfer:
http://www.novell.com/communities/node/11602/groupwise-migration-netware-oes2-sp2-transfer-id
------------------------------------------------------------------------
kjhurni's Profile: http://forums.novell.com/member.php?userid=734
View this thread: http://forums.novell.com/showthread.php?t=459291

Dave Howe
28-Aug-2012, 16:36
On 24/08/2012 18:32, George wrote:
> The router would need to build an ARP cache so even if it wasn't the
> DHCP server it would have that list.

Yup. but the arp cache isn't usually persistent across reboots, the dhcp
pool usually is.