Beware the NetGear firmware upgrade

If you have a NetGear WNDR4500, do NOT upgrade to firmware .18

Apparently NetGear messed up and the firmware causes the router to spew
out WOL packets every 5 minutes.

Even worse, apparently some NIC/system boards (Mine’s an ASUS)
completely ignore the BIOS setting to disable WOL (you can disable it,
and the darn thing still responds to a WOL anyway).

I thought my PC was haunted because a few minutes after I’d turn it
off, it’d come back on.


The opinions expressed are my own.
Check out my OES2 Guides:
Installing OES2 SP2:
http://www.novell.com/communities/node/11600/oes2-sp2-installation-guide
Upgrading to OES2 with ID Transfer:
http://www.novell.com/communities/node/11601/oes2-sp2-migration-guide-transfer-id-scenarios
GroupWise Migration with OES2 ID Transfer:
http://www.novell.com/communities/node/11602/groupwise-migration-netware-oes2-sp2-transfer-id

kjhurni’s Profile: http://forums.novell.com/member.php?userid=734
View this thread: http://forums.novell.com/showthread.php?t=459291

On 24/08/2012 14:26, kjhurni wrote:
[color=blue]

I thought my PC was haunted because a few minutes after I’d turn it
off, it’d come back on.[/color]

ROTFL!

Simon
Novell/SUSE/NetIQ Knowledge Partner


Do you work with Novell technologies at a university, college or school?
If so, your campus could benefit from joining the Novell Technology
Transfer Partner (TTP) program. See TTP Organization | Micro Focus for more details.

What I dont get is the WOL packet is supposed to only wake you up if it
matches your NIC Address.

Are these packets just being generated for MAC Addresses it sees on
random? Is it some type of Zero’d out MAC address that is being treated
as WOL Wildcard?

(I’ve looked for WOL Wildcard info, but never saw this as being a valid
option)

On 8/24/2012 9:26 AM, kjhurni wrote:[color=blue]

If you have a NetGear WNDR4500, do NOT upgrade to firmware .18

Apparently NetGear messed up and the firmware causes the router to spew
out WOL packets every 5 minutes.

Even worse, apparently some NIC/system boards (Mine’s an ASUS)
completely ignore the BIOS setting to disable WOL (you can disable it,
and the darn thing still responds to a WOL anyway).

I thought my PC was haunted because a few minutes after I’d turn it
off, it’d come back on.

[/color]


Craig Wilson - MCNE, MCSE, CCNA
Novell Knowledge Partner

Novell does not officially monitor these forums.

Suggestions/Opinions/Statements made by me are solely my own.
These thoughts may not be shared by either Novell or any rational human.

On 24/08/2012 16:26, craig wilson wrote:[color=blue]

What I dont get is the WOL packet is supposed to only wake you up if it
matches your NIC Address.

Are these packets just being generated for MAC Addresses it sees on
random? Is it some type of Zero’d out MAC address that is being treated
as WOL Wildcard?[/color]

NetGears usually like being their network’s DHCP server - that means
they usually have a nice list of what mac belongs to what IP address.

I would imagine this rogue code was populating its table from there.

On 24/08/2012 16:43, Dave Howe wrote:
[color=blue]

I would imagine this rogue code was populating its table from there.[/color]

Come to think of it, I recall one of the solaris based firewalls had
this as a “feature” - if you had a NAT down to a host, and the tcp
connection failed on connect, it would ping it. if that failed it would
send it a WOL to see if that woke it up to accept the connection…

On 8/24/2012 11:43 AM, Dave Howe wrote:[color=blue]

On 24/08/2012 16:26, craig wilson wrote:[color=green]

What I dont get is the WOL packet is supposed to only wake you up if it
matches your NIC Address.

Are these packets just being generated for MAC Addresses it sees on
random? Is it some type of Zero’d out MAC address that is being treated
as WOL Wildcard?[/color]

NetGears usually like being their network’s DHCP server - that means
they usually have a nice list of what mac belongs to what IP address.[/color]

The router would need to build an ARP cache so even if it wasn’t the
DHCP server it would have that list.

[color=blue]

I would imagine this rogue code was populating its table from there.
[/color]

craig_wilson;2215131 Wrote:[color=blue]

What I dont get is the WOL packet is supposed to only wake you up if it
matches your NIC Address.

Are these packets just being generated for MAC Addresses it sees on
random? Is it some type of Zero’d out MAC address that is being
treated
as WOL Wildcard?

(I’ve looked for WOL Wildcard info, but never saw this as being a
valid
option)

On 8/24/2012 9:26 AM, kjhurni wrote:[color=green]

If you have a NetGear WNDR4500, do NOT upgrade to firmware .18

Apparently NetGear messed up and the firmware causes the router to[/color]
spew[color=green]
out WOL packets every 5 minutes.

Even worse, apparently some NIC/system boards (Mine’s an ASUS)
completely ignore the BIOS setting to disable WOL (you can disable[/color]
it,[color=green]
and the darn thing still responds to a WOL anyway).

I thought my PC was haunted because a few minutes after I’d turn it
off, it’d come back on.

[/color]


Craig Wilson - MCNE, MCSE, CCNA
Novell Knowledge Partner

Novell does not officially monitor these forums.

Suggestions/Opinions/Statements made by me are solely my own.
These thoughts may not be shared by either Novell or any rational
human.[/color]

From my limited reading on the NetGear forums, it’s how the router
keeps track of “attached” devices (yes, I’m using it as my DHCP server,
plus I have some port forwarding going on), and they screwed up somehow
and decided that WOL should be the method to find stuff (go figure).

‘WNDR4500 auto send WOL packets FW V1.0.1.18_1.0.36 - NETGEAR Forums’
(http://forum1.netgear.com/showthread.php?p=414196)
‘Firmware 1.0.1.18 & WOL - Page 3 - NETGEAR Forums’
(http://forum1.netgear.com/showthread.php?t=77778&page=3)

Even more disturbing though is that my motherboard (and others) still
respond to a WOL request even if you disable it in the BIOS. Nice.


The opinions expressed are my own.
Check out my OES2 Guides:
Installing OES2 SP2:
http://www.novell.com/communities/node/11600/oes2-sp2-installation-guide
Upgrading to OES2 with ID Transfer:
http://www.novell.com/communities/node/11601/oes2-sp2-migration-guide-transfer-id-scenarios
GroupWise Migration with OES2 ID Transfer:
http://www.novell.com/communities/node/11602/groupwise-migration-netware-oes2-sp2-transfer-id

kjhurni’s Profile: http://forums.novell.com/member.php?userid=734
View this thread: http://forums.novell.com/showthread.php?t=459291

On 24.08.2012 19:46, kjhurni wrote:[color=blue]

Even more disturbing though is that my motherboard (and others) still
respond to a WOL request even if you disable it in the BIOS. Nice.[/color]

WAD. The motherboard settings are only of interest if the PC has been
attached to a power line after it was totally power free.

Otherwise, the previous settings of the OS nic driver come into play,
and the motherboard/bios settings are totally ignored. In both directions.

E.G: Your BIOS has WOL enabled, but in Windows in the nic properties,
you disable it. Boot Windows, shut windows down (but keep PC connected
to a power line), WOL will be disabled, regardless what your BIOS
setting is. Cut power line completely, put power back. WOL is on, until
windows boots the next time and lods the NIC driver.

CU,

Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de

mrosen;2215281 Wrote:[color=blue]

On 24.08.2012 19:46, kjhurni wrote:[color=green]

Even more disturbing though is that my motherboard (and others)[/color]
still[color=green]
respond to a WOL request even if you disable it in the BIOS. Nice.[/color]

WAD. The motherboard settings are only of interest if the PC has been
attached to a power line after it was totally power free.

Otherwise, the previous settings of the OS nic driver come into play,
and the motherboard/bios settings are totally ignored. In both
directions.

E.G: Your BIOS has WOL enabled, but in Windows in the nic properties,
you disable it. Boot Windows, shut windows down (but keep PC connected
to a power line), WOL will be disabled, regardless what your BIOS
setting is. Cut power line completely, put power back. WOL is on,
until
windows boots the next time and lods the NIC driver.

CU,

Massimo Rosen
Novell Knowledge Partner
No emails please!
‘Untitled Document’ (http://www.cfc-it.de)[/color]

Thanks, although I had already disabled in Windows 7 as well (2nd thing
I tried after disabling it in the BIOS).

Although are you saying that if the NIC has the setting enabled in
Windows 7, that it somehow changes the hardware on the motherboard, so
that if the pc is powered off completely (not talking about
sleep/hibernate)–and that it may not be reflected in the BIOS?


The opinions expressed are my own.
Check out my OES2 Guides:
Installing OES2 SP2:
http://www.novell.com/communities/node/11600/oes2-sp2-installation-guide
Upgrading to OES2 with ID Transfer:
http://www.novell.com/communities/node/11601/oes2-sp2-migration-guide-transfer-id-scenarios
GroupWise Migration with OES2 ID Transfer:
http://www.novell.com/communities/node/11602/groupwise-migration-netware-oes2-sp2-transfer-id

kjhurni’s Profile: http://forums.novell.com/member.php?userid=734
View this thread: http://forums.novell.com/showthread.php?t=459291

Kevin,

On 27.08.2012 16:06, kjhurni wrote:[color=blue]

Although are you saying that if the NIC has the setting enabled in
Windows 7,[/color]

Any Windows, not only 7.
[color=blue]

that it somehow changes the hardware on the motherboard,[/color]

It doesn’t really “chnage” the hardware of course. It simply instructs
the nic to disable WOL, and as long as the PC has standby power, that
setting will stick.
[color=blue]

so
that if the pc is powered off completely (not talking about
sleep/hibernate)–and that it may not be reflected in the BIOS?[/color]

Correct. The BIOS obviously can’t change the windows activated setting
again, until it gets invoked. Which it doesn’t on a shutdown, but only
on a boot. :wink:

CU,

Massimo Rosen
Novell Knowledge Partner
No emails please!
http://www.cfc-it.de

mrosen;2215514 Wrote:[color=blue]

Kevin,

On 27.08.2012 16:06, kjhurni wrote:[color=green]

Although are you saying that if the NIC has the setting enabled in
Windows 7,[/color]

Any Windows, not only 7.
[color=green]

that it somehow changes the hardware on the motherboard,[/color]

It doesn’t really “chnage” the hardware of course. It simply instructs
the nic to disable WOL, and as long as the PC has standby power, that
setting will stick.
[color=green]

so
that if the pc is powered off completely (not talking about
sleep/hibernate)–and that it may not be reflected in the BIOS?[/color]

Correct. The BIOS obviously can’t change the windows activated setting
again, until it gets invoked. Which it doesn’t on a shutdown, but only
on a boot. :wink:

CU,

Massimo Rosen
Novell Knowledge Partner
No emails please!
‘Untitled Document’ (http://www.cfc-it.de)[/color]

Okay, thanks for the explanation.


The opinions expressed are my own.
Check out my OES2 Guides:
Installing OES2 SP2:
http://www.novell.com/communities/node/11600/oes2-sp2-installation-guide
Upgrading to OES2 with ID Transfer:
http://www.novell.com/communities/node/11601/oes2-sp2-migration-guide-transfer-id-scenarios
GroupWise Migration with OES2 ID Transfer:
http://www.novell.com/communities/node/11602/groupwise-migration-netware-oes2-sp2-transfer-id

kjhurni’s Profile: http://forums.novell.com/member.php?userid=734
View this thread: http://forums.novell.com/showthread.php?t=459291

On 24/08/2012 18:32, George wrote:[color=blue]

The router would need to build an ARP cache so even if it wasn’t the
DHCP server it would have that list.[/color]

Yup. but the arp cache isn’t usually persistent across reboots, the dhcp
pool usually is.