No Way - What made TP-Link change their mind?
@TP-Link ,
After nearly a year of people being censored, being told the new routers we had just purchased were no longer being supported I awake to a notification from Home Assistant.
TP-LINK NEW FIRMWARE
What ? What is this? Is it Christmas already? Ohh no am I dead?
I went through all the emotions this fine raining morning as I make my morning brew.
I'm alive, I have lost an arm or a leg, yes I still have sheitty toddler nappies that need change. I'm confused, as I sit with my brew finally. It's confirmed.
TP-link has changed their mind, an entire year later and give us Firmware version 1.3.1 build 20231207. Ohh many must be jumping in joy, the weak code provided to us last firmware version allowing enticing TCP Attacks and being to the solution to stop the error logs was simply to just unblock the attacks.
That's until you read the release note: This firmware fixed some known security vulnerabilities.
Great TP-Link 👍, 12 months, another bull sheit firmware, still telling your customers either you keep up with buying our hardware releases or go unsupported with our software.
Very Christmas 🎄 TP-Link the largest IT company with the most potential still throwing it down the drain letting your competitors gain the advantage as we migrate away.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @Clive_A
Custom DDNS fix - per this thread - https://community.tp-link.com/en/business/forum/topic/609288?replyId=1280242 , a bug is confirmed with PPPoE, workaround is available to set as static and then back to PPPoE, for some users it works, but for some others it does not
TCP no-Flag attack fix - per this thread - https://community.tp-link.com/en/business/forum/topic/610802 , known "issue" introduced with v1.3.0, in some routers this alert behavior was adjusted and source-ip added to the logs for clarity and ability to block, Hank21 wrote that it is planned to fix, but no fix is coming... "It's planned to optimize the event notification of "TCP no-Flag attack" in future iterations of the ER605 v1."
DHCP option 66/67 - while option 66 is present in controller mode, option 60 is missing (only there in standalone mode) and option 67 is missing from controller mode, so PXE functionality is very partial in this environment
i believe that these can be fixed at almost no cost to flash storage and maybe take an hour or two of dev time in total.
- Copy Link
- Report Inappropriate Content
Hi @NinjaMonkey
Thanks for posting in our business forum.
NinjaMonkey wrote
Hi @Clive_A
Custom DDNS fix - per this thread - https://community.tp-link.com/en/business/forum/topic/609288?replyId=1280242 , a bug is confirmed with PPPoE, workaround is available to set as static and then back to PPPoE, for some users it works, but for some others it does not
TCP no-Flag attack fix - per this thread - https://community.tp-link.com/en/business/forum/topic/610802 , known "issue" introduced with v1.3.0, in some routers this alert behavior was adjusted and source-ip added to the logs for clarity and ability to block, Hank21 wrote that it is planned to fix, but no fix is coming... "It's planned to optimize the event notification of "TCP no-Flag attack" in future iterations of the ER605 v1."
DHCP option 66/67 - while option 66 is present in controller mode, option 60 is missing (only there in standalone mode) and option 67 is missing from controller mode, so PXE functionality is very partial in this environment
i believe that these can be fixed at almost no cost to flash storage and maybe take an hour or two of dev time in total.
When I wrote the report to the dev, I found something you said inaccurate.
1. DHCP Option 60 and 66 are available in Controller mode. Only 67 is missing.
2. TCP no-flag attack would be optimized but did not say we would add source-ip. About whether this has been optimized or not, I'll ask the dev.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 1
Views: 2483
Replies: 22
Voters 0
No one has voted for it yet.