the same, 3.12.0

You have the default gateway set as 192.168.1.99 that's not right, it needs to be set to your router IP (probably 192.168.1.1 or 192.168.1.254)

Your router *might* be 192.168.1.1 so I would change that as well

So maybe
192.168.1.10
255.255.255.0
192.168.1.254 <- Router IP, whatever it is

DNS Server Auto

I concur with #IYFTech. Bitmain stated that they would release the firmware and update cgminer. The new firmware contains the same insecure and inefficient cgminer version. We should all demand that they install a version 4.x instead of this very early version.

Could you elaborate on what the security issues are, and what you mean by ineffecient?

I don't mean to be lazy, but if I read through the boards on these issues I'll likely find lots of conflicting information. 

Security issues... What if I'm behind a Barracuda Firewall?

Inefficiency... Meaning a more current version of Cgminer would hash faster?

Many thanks,

Strato

Exactly. Meaning everyone using Bitmain hardware is at risk having their hashing power redirected to a different pool without their knowing, losing valuable BTC to a third, unscrupulous party/person.

Not good.

As long as someone doesnt know the IP of the given miner you should be "safe" right ?

Thanks for confirming ckolivas  

This is why I & others have been making so much noise about this - it's annoying for everyone - but it's for everyones good that it gets fixed ASAP.

Are you listening, Bitmain?

Edit: It is also why miners should only buy hardware that uses Open Source software provided by ckolivas - so that it can be checked for any security issues or "strange goings on" by the cgminer devs or anyone else who wishes to do so. Never buy hardware that uses Closed Source software - there's no way of knowing what it is doing.

Would a firewall configuration that only allows tcp/3333 connections to known/whitelisted pool servers help?

Actually we don't use ssl in cgminer stratum since it's overkill for the actual problem. The problem is a packet is intercepted between you and the pool and it sends back a redirect message to cgminer which consciously moves to the other pool. People who were mining elsewhere unintentionally could actually see their rig had switched. Redirect rules were made strict according to domain name to prevent redirection from happening unless it was to a server with the same domain meaning they'd have to spoof the domain as well. Blocking outgoing connections from cgminer to only selected upstream pools would actually work to prevent you mining elsewhere but you may end up just failing to connect to anything without the redirect protection in later versions.

It seems to me that the obvious & right thing for Bitmain to do is what they promised the community they would do. Take down the S3+ firmware update (which does not match the MD5 checksum anyway) and replace it with one that contains the latest cgminer code that fixes the redirect issue. As has been mentioned before - why wouldn't they want to do this? Why would such a large miner manufacturer insist on keeping this security flaw in place?

Food for thought indeed......