Weekly Update 8 July 2021


Security Update

Due to recent events in which cyber attackers have tried to gain access to systems protected by DrayTek routers, DrayTek R&D has enhanced the security features in the latest firmware release. Improvements include router WebGUI security. The new firmware is now available for the Vigor3910 and Vigor2962 (version 3.9.6.3) and is listed as a critical update.

Below are some tips to improve security on your network:
 1. Use the latest firmware release, as it includes the latest security patches.
 2. Use a strong password for admin login and all VPN profiles. Change the password often.
 3. Disable any unnecessary services and VPN profiles, e.g., OpenVPN, PPTP VPN, or remote management (Web, SNMP, telnet, SSH, FTP) from WAN.
    If these services are enabled, use an ACL or 2FA, or specify the VPN peer IP, to restrict access.
 4. Enable Brute Force Protection on the Management setup page.
 5. Record Syslog and set up VPN/login Mail Alerts, and review the logs periodically.
    When abnormal attack events are observed, enable DoS Defense and block those IPs by using the Blacklist.
 6. Re-sign and change the default security certificates for SSL or HTTPS access.
 7. Consider using a higher-security VPN protocol, such as IPsec X.509 for LAN to LAN, or SSL+mOTP for host to LAN connections.

 

Refer to the FAQ articles below for additional information:
1. How to use Digital Signature (X.509) to authenticate a LAN-to-LAN IPsec VPN between Vigor routers:
https://www.draytek.com/support/knowledge-base/6111
2. Dial VPN with mOTP authentication using Windows Smart VPN Client:
https://www.draytek.com/support/knowledge-base/5426
3. Use 2-Step Authentication for Remote Access:
https://www.draytek.com/support/knowledge-base/5172
4. Ways to Improve Network Security:
https://www.draytek.com/support/knowledge-base/5465#drayos
5. How to block an unknown IP address which keeps dialing VPN to Vigor Router?:
https://www.draytek.com/support/knowledge-base/5982

Latest Firmware

Vigor3910 v3.9.6.3

Improvement

· Improve the WebGUI security

It is recommended to change the passwords for admin login and password/PSKs for VPN profiles after upgrading to this firmware. For more details refer to the release notes in the download link.

Click here to download the firmware.

Vigor2962 v3.9.6.3

Improvement

· Improve the WebGUI security

It is recommended to change the passwords for admin login and password/PSKs for VPN profiles after upgrading to this firmware. For more details refer to the release notes in the download link.

Click here to download the firmware.

 

To subscribe to our regular news updates, click on “Subscribe” on this page or log in to your i-helpdesk account and enable the “Subscribe” option.



