Security issues of Easy Smart configuration protocol

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Security issues of Easy Smart configuration protocol

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Security issues of Easy Smart configuration protocol
Security issues of Easy Smart configuration protocol
2015-03-16 21:49:18
Region : Ukraine

Model :
TL-SG1024DE

Hardware Version : V1

Firmware Version :
20131023

We're having 3 different networks divided by the 802.1Q VLANs on the TL-SG1024DE switch.
One of this networks (on the 10 VLAN) is having white IPs and shared with another office. I want to disable the usage of the Easy Smart configuration utility from that VLAN.
The other members of the network is able to discover [COLOR=#000000][COLOR=#000000]Easy Smart devices with their real IPs. It is not safe when malware for [COLOR=#000000]TL-SG10*DE will appear.

I found no option how to bind Easy Smart configuration server to the specific VLAN.

I'm misunderstanding what I can do this or have I missed something?
Thanks

PS: The worst is that they can be discovered by the network scanning software

  0      
  0      
#1
Options
2 Reply
Re:Security issues of Easy Smart configuration protocol
2015-05-29 07:10:23
I would also like to see this changed. I have the TL-SG1016DE and you can access the management interface of the switch on any VLAN either with the Smart utility or by assigning the PC you are at an IP address in the same subnet as the switches IP and browsing to the web interface. It seems as if you cannot specify a specific management VLAN and you also cannot modify any port settings on the default VLAN (1) when using 802.1q VLAN.
  0  
  0  
#2
Options
Re:Security issues of Easy Smart configuration protocol
2016-09-08 22:00:46
I just discovered the same thing, the VLAN separation is very unsafe because VLAN 1 cannot be edited.

So I think I will have to use the Netgear GS108Ev3, which is almost identical to the TL-SG108E, but allows to edit VLAN ID1.
  0  
  0  
#3
Options