Welcome to Xfinity Help & Support Forums
Find solutions, share knowledge, and get answers from customers and experts

New to the Community? Start here.

5,874,486

members

676

online

29,174

topics

Top

Sidecar router and VPNFilter malware

Contributor

Sidecar router and VPNFilter malware

So I see that my Xfinity Home sidecar router is a Netgear WNR1000, one of the models potentially affected by the VPNFilter malware. I haven't seen a post yet on the subject here specifically with regards to Xfinity Home routers, but since I don't have direct access to check/update the firmware on this router, what can I do to ensure the router isn't vulnerable? I rebooted it as soon as I learned it was part of the issue, but that isn't a long term solution. Is there an official Comcast position on this?

Tags (1)
Service Expert

Re: Sidecar router and VPNFilter malware

The router does not have access to the Internet, so there is no issue.




Community Icon
I am not a Comcast employee, I am a paying customer just like you!
I am an XFINITY Forum Expert and I am here to help. For information on the program click here.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark a Best Answer!solution Icon
Community Icon
I am not a Comcast employee. I am a paying customer just like you!
I am an XFINITY Forum Expert and I am here to help.
We ask that you post publicly so people with similar questions may benefit.
Was your question answered? Mark a Best Answer!solution Icon
Community Icon
I am not a Comcast employee.

Was your question answered?
Mark an Answer!solution Icon

Contributor

Re: Sidecar router and VPNFilter malware

It definitely has access to the internet, that's the whole point of having the router rather than relying on cellular data only for connectivity isn't it? If you're speaking more of the fact that the sidecar router sits behind another router (which has not been listed as a compromised model... so far), sure, but it was directly connected to my cable modem by the tech for a period during installation of the security system and without being able to directly access the configuration myself I can't verify much else about it, and certainly not do a factory reset as recommended for this malware.

New Poster

Re: Sidecar router and VPNFilter malware

I too would like to hear an official response on that.  My guess on the response is that since the username and password are not default and also it most likely isn't directly ON the internet it's safe.  I would think for 99.9% of the setups, the comcast gateway is the actual firewall and the netgear is just working as a glorified access point.  I personally would rather be able to use my own wifi rather than mixing signals, worrying about if the home security people care about cyber security etc...   The devices use zigbee to communicate I believe so other than monitoring and remote access, what is the wifi used for? 

 

My network is corporate secured, has better range, signal, AP's, and even dual internet connectivity (my home security one is a 3rd!).  But instead I have a consumer grade Netgear router that may or may not be hacked acting as a rigged up wifi access point while junking up signal for me and the neighbors.

Regular Contributor

Re: Sidecar router and VPNFilter malware


@Brian-Indy wrote:

The devices use zigbee to communicate I believe so other than monitoring and remote access, what is the wifi used for?


It is used to communicate with the touch control panel and to communicate with the cameras.  As you already pointed out, the sensors are communicating with the panel via zigbee.

Problem Solver

Re: Sidecar router and VPNFilter malware

There is an official position, and it's marked the Answer on this thread:

 

https://forums.xfinity.com/t5/Anti-Virus-Software-Internet-Security/This-is-the-VPN-filter-malware-t...



<<<< "Sometimes the best way to learn something is by doing it wrong and looking at what you did." - Neil Gaiman >>>>
New Poster

Re: Sidecar router and VPNFilter malware

This device without question accesses the internet. This is from my firewall sitting on the other side of the sidecar router:

 

Screen Shot 2018-06-20 at 11.03.29 AM.png

 

I have actively disallowed the WNR and its friends from accessing any of my other VLANs as I do not control the Comcast devices, per se.

Special Events
FIFA World Cup 2018 on Xfinity See More
Discussion stats
  • 6 replies
  • 361 views
  • 0 kudos
  • 6 in conversation