D-Link Forums

The Graveyard - Products No Longer Supported => Routers => DIR-868L => Topic started by: pzk3j5 on November 14, 2014, 06:42:30 AM

Title: Security-Issue: connect the shared drive from Windows only possible with ADMIN
Post by: pzk3j5 on November 14, 2014, 06:42:30 AM
Hello all

To connect the shared drive at the 868L from Windows ("\\192.168.2.1 " at the fileexplorer) is only possible with the ADMIN account of the 868L.
This is from the security point of view the worst method of sharing any resources on the network.   >:(

Background/Problemdiscreption:
The "shareport web access page" or the "MyDlink Sharepoint" allows only to
upload file by file to the hard drive connect to the DIR-868L, and the GUI-handling is very poor.
Imagine all the people in my house have about 500 Audio-CDs and they would
like to copy them to the hard drive connected to the DIR-868L  through the
shareport web access page, it takes them very much time. So when I give the
router's adminuser password to all this people, they can handle the upload
more comfortable but the routers configuration isn't secure anymore, cause
everybody knows the routers admin-password!!!

This is a very big security issue to let people connect to the harddisk on
the router using the routers adminuser password. Even you have no
usermanagement with this methode, so they can read AND write/delete
everything on the harddisk!!!

That's why I have the following questions (to the developement-Team):  ;D

==> Are there any plans in pipeline to accept also other users except the
router's admin user for mapping \\192.168.2.1?

==> Are there any plans in pipeline to have a usermanagement on the
\\192.168.2.1-Access as it exists in
Shareport Web access?

==> Are there any plans to make the shareport web access page" more
comfortable, so that user can manage the file-Upload and Download like in
explorer with multiple files?

Regards, pzkj35
Title: Re: Security-Issue: connect the shared drive from Windows only possible with ADMIN
Post by: FurryNutz on November 18, 2014, 07:36:01 AM
Link>Welcome! (http://forums.dlink.com/index.php?topic=48135.0)


Most of the SP features are somewhat limited and any additional features are reserved for D-Link DNS nas storage devices.

Going forward, the Rev A should see one more FW version then thats it.
http://forums.dlink.com/index.php?topic=61064.0 (http://forums.dlink.com/index.php?topic=61064.0)

Rev B is coming soon. It may have more features.
Title: Re: Security-Issue: connect the shared drive from Windows only possible with ADMIN
Post by: pzk3j5 on November 18, 2014, 11:47:32 AM
Hello FurryNutz and thanks for your answer

The HW-Rev is A1 and it runs already under Firmware Version:1.09 Fri 26 Sep 2014. My Region is Switzerland (Europe GMT / UTC +1)

As far as I saw, the new 1.09 firmware supports the following new features or resolves the following problems, but there are no other enhancements:

1. Update FCC band 1 output power
2. Update mydlink agent to support SSL connection

Problems Resolved:
3. Support No-IP DDNS server
4. Fix IP conflict in Guest zone

Enhancements:
None

Known Issues:
None

So it's still only possible to connect the shared drive at the 868L from Windows ("\\192.168.2.1 " at the fileexplorer)  with the ADMIN account of the 868L or do you have any other news? 

Regards,
pzk3j5
Title: Re: Security-Issue: connect the shared drive from Windows only possible with ADMIN
Post by: FurryNutz on November 18, 2014, 11:52:32 AM
Yes. I believe this is how it's been and is with most DIR series calls routers as this has been a alternative connection method to avoid using D-Link SharePort application. You can only connect using the Admin account info.

Title: Re: Security-Issue: connect the shared drive from Windows only possible with ADMIN
Post by: pzk3j5 on November 18, 2014, 12:04:05 PM
That's a pity that you can connect only with the Admin account this share

Are there any plans to make the shareport web access page more comfortable, so that user can manage the file-Upload and Download with multiple files like in a file-explorer ?
Title: Re: Security-Issue: connect the shared drive from Windows only possible with ADMIN
Post by: FurryNutz on November 18, 2014, 12:11:00 PM
Features you are seeking are on D-Links DNS nas devices and those features are reserved for those models. If D-Link incorporated those features into the router, the it could directly compete on the market with the DNS devices which D-Link will not do. The DIR series are routers and thus only have some limited nas like features. I recommend that if your needing more granular user account controls, you should review the DNS model device and configure and plan something to fit your user and networking needs. I have the DNS-345 and is a great nas device.
Title: Re: Security-Issue: connect the shared drive from Windows only possible with ADMIN
Post by: pzk3j5 on November 18, 2014, 12:30:08 PM
A NAS Device offers much more features than a router ever can, but I understand it a little bit in the DLink point of view...  :-\
For the enduser himself this access to the shared drive at the 868L with another user than ADMIN User would be a important feature and the security would be increased too, so it makes the whole 686L-router much better than routers of other competitive providers..
Another way to enable the sharepoint webapp to support multiple files should be not a big but a import thing and it is surley not a competition for the features of a NAS-Devices...

Thanks for your answers and regards,
pzk3j5
Title: Re: Security-Issue: connect the shared drive from Windows only possible with ADMIN
Post by: FurryNutz on November 18, 2014, 12:40:02 PM
I agree however for the most part the Shareport and user access is reserved to the Reading of files from connected media. Its up to the owner or "admin" of the router to handle and manage the files on the connected media for read access. This model is prevalent thru out the industry. If users needs more access and the ability to read and write, then other devices are designed better for those needs and configurations. The DIR-868L is a solid router in it's own with or with out the use of SP and access abilities.  I'm glad they are doing a Rev B.

You could see if Rev B will have any more features you are seeking however I presume it may not...