Re: Debian 11, Chrome and .asp pages

[Celejar <celejar@gmail.com>]

On Sun, 28 Aug 2022 08:24:31 -0400
Greg Wooledge <greg@wooledge.org> wrote:

...

> Not too long ago, I had to buy a new router.  The one I bought was a
> Netgear.  As is typical, the router also acts as a DHCP server, and
> has a web-based control panel.  The instructions that came with the
> router said to visit a certain URL (which I do not recall right now),
> which did not contain an IP address, but instead, contained a "hostname".
> 
> If you're a completely naive user, who sets up the PC to use DHCP, using
> every piece of information from the router (IP, netmask, nameserver,
> DNS search domain), then this would work.  The special "hostname" in
> the URL would be resolved by the router's internal mostly-forwarding
> nameserver, to the router's IP address.
> 
> If, however, your PC is set up to use its *own* DNS nameserver and search
> domain, then the special "hostname" in the router's URL is resolved by
> the global DNS infrastructure, to a *real* IP address.
> 
> The real IP address in this case turns out to be a phishing site, set up
> specifically to capture passwords and personal information from users who
> are just trying to set up their router, which comes with *horribly* poor
> instructions.

This is wild. But according to official, publicly available Netgear
documentation, the company uses www.routerlogin.net or
www.routerlogin.com for router configuration, both of which seem to
resolve / redirect to a legitimate Netgear site when not using a
Netgear router:

https://kb.netgear.com/27199/I-can-t-access-my-router-what-do-I-do
https://www.netgear.com/home/services/routerlogincom/

If Netgear actually used an url that it didn't control, that would
indeed be incredibly reckless and irresponsible.

-- 
Celejar