Current Router Attack and Router Choice

Status
Not open for further replies.
Originally Posted By: Kawiguy454
Under the hood of a good router is similar electronics to the big boys and a lot of the core code of say a Linksys is coming from the parent company of Cisco anyways.


The only thing Cisco in a Linksys product is the name on the box. None of the Linksys devices run any of Cisco's historically core operating systems like IOS or even Cisco's proprietary in-house Linux products.

Cisco purchased Linksys to get a foot into the consumer market, which they assumed would give them access to a profitable segment they previously didn't deal in. What resulted was them being exposed to consumer-grade hardware that they didn't know how to support properly and consumer Linux-based firmware that was extremely buggy and that they could not, given the price structure, commit enough resources to in order to bring up to snuff. In the interim, they managed to tarnish their brand trying to work this albatross and that's why they eventually divested themselves of it, selling it to Belkin in 2013 after 10 years of this nonsense.
 
I had a WZR-1750DHP

last update was December 2015, and it's still sold.. terrible terrible updates.
 
Originally Posted By: Kawiguy454
^^^ Alarmguy U nailed it!

Like you don't hire a swat team to guard a piggy bank. Getting commercial gear is overkill. As long as your router (same one I have BTW) continues to get regular updates then you're doing OK. A big part of any gear is configuring it well. Turn OFF services/features you don't need and lock down the rest. Under the hood of a good router is similar electronics to the big boys and a lot of the core code of say a Linksys is coming from the parent company of Cisco anyways. Get any good hacker book and the weak link is still primarily the human factor.


Well that is a refreshing statement, normally I expect to get trashed when I make a comment in here.

The point I was trying to make, if others didn't understand, is simply, hackers aren't going after homeowner routers, yes, of course, be prudent and keep firmware up to date. What you do with your router is useless if someone in your family OR business downloads malware. It has NOTHING to do with the firewall and it's not going to stop anything! :eek:)


Your sentence sums it up ...
"Get any good hacker book and the weak link is still primarily the human factor"

It's the human factor that allows the download to take place and install the malware. No firewall will stop it.
 
Originally Posted By: alarmguy


The point I was trying to make, if others didn't understand, is simply, hackers aren't going after homeowner routers, yes, of course, be prudent and keep firmware up to date. What you do with your router is useless if someone in your family OR business downloads malware. It has NOTHING to do with the firewall and it's not going to stop anything! :eek:)


Botnets often have a pretty broad cross-section of home computers in them. Some of this is due to the common DNS redirect/hijack employed by script kiddies on consumer routers. This can be installed either via somebody clicking on something they shouldn't and executing code locally, which you've alluded to, or via unpatched bugs in poorly written firmware that may be present even if you have the latest version. This is done not only to steal personal data, but also to trick people into installing malware by redirecting to sites that employ browser exploits.

Here is a very recent example:
https://thehackernews.com/2018/04/android-dns-hijack-malware.html

And here is an example of some of the bugs, that enable these types of exploits, in a specific router:
https://thehackernews.com/2017/09/d-link-router-hacking.html

This is prolific through the entire consumer industry.
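
A defensive check for the router DNS redirect described in the post above, as an added example that is not part of the original thread: it flags resolvers the router hands out that are not on an allow-list, and names whose answers through the router match nothing in a trusted baseline while sharing one address with other unrelated names. The function names are hypothetical and every address and hostname below is constructed sample data.

```python
import ipaddress
from collections import Counter


def unexpected_resolvers(configured, allowed):
    """Return DHCP-supplied resolvers that are not on the allow-list."""
    allowed_set = {ipaddress.ip_address(a) for a in allowed}
    return [r for r in configured if ipaddress.ip_address(r) not in allowed_set]


def suspicious_answers(via_router, reference):
    """Compare A records seen through the router with a trusted baseline.

    Returns {domain: reason}. A differing answer alone can be a CDN effect,
    so a name is flagged only when none of its answers match the baseline
    AND the same address is also returned for other names, which is the
    usual shape of a blanket redirect to one attacker-controlled host.
    """
    shared = Counter(ip for ips in via_router.values() for ip in set(ips))
    findings = {}
    for domain, ips in via_router.items():
        baseline = set(reference.get(domain, []))
        if not baseline or set(ips) & baseline:
            continue  # no baseline to compare, or at least one answer matches
        for ip in ips:
            if shared[ip] > 1:
                findings[domain] = f"{ip} also returned for {shared[ip] - 1} other name(s)"
                break
    return findings


# Constructed sample data (documentation address ranges, made-up names).
CONFIGURED = ["192.168.1.1", "203.0.113.66"]   # resolvers from the DHCP lease
ALLOWED = ["192.168.1.1", "198.51.100.53"]     # router itself + chosen upstream
VIA_ROUTER = {
    "bank.example": ["203.0.113.80"],
    "mail.example": ["203.0.113.80"],
    "news.example": ["192.0.2.30"],
    "cdn.example": ["192.0.2.77"],
}
REFERENCE = {
    "bank.example": ["192.0.2.10"],
    "mail.example": ["192.0.2.20"],
    "news.example": ["192.0.2.30", "192.0.2.31"],
    "cdn.example": ["192.0.2.78"],             # differs, but not a shared address
}

if __name__ == "__main__":
    print("unexpected resolvers:", unexpected_resolvers(CONFIGURED, ALLOWED))
    for name, why in suspicious_answers(VIA_ROUTER, REFERENCE).items():
        print("suspicious:", name, "-", why)
```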
 
> Anyway, I even looked at pfsense ready-made hardware from their site, but they have their fair share of complaints as well.

I'm curious: what complaints are there?
The reason I'm asking is Solaris has switched to pf for their firewall, which I don't think they would have done lightly. pf seems like a very interesting packet filter that can do a heck of a lot.
 
Originally Posted By: spackard
> Anyway, I even looked at pfsense ready-made hardware from their site, but they have their fair share of complaints as well.

I'm curious: what complaints are there?
The reason I'm asking is Solaris has switched to pf for their firewall, which I don't think they would have done lightly. pf seems like a very interesting packet filter that can do a heck of a lot.


Solaris is dead. Unfortunately.

I have nothing against pf, I was talking about hardware, as quoted by you above.
And pf in pfsense is different from pf in Solaris and even different from the original on OpenBSD.
I have no desire to lose too much time, that's why I am trying to find a turnkey solution, and a pfsense device that they sell on their site seemed like one.

As for 'as long as it's updated' blah-blah, that's a potty training level of ignorance. It's like wait, I was running with all those holes for all those years? 4 DHCP buffer overrun bugs, plus 11 zero-days, plus 7 other security fixes, plus a bug in their SSL certificate, plus God knows what else.. And I am on top of regular stuff: it's on my weekly schedule - it's not like this was an issue neglected for years by the end user. A properly designed unit with properly designed hardware and software will definitely cost a little bit more than this disposable set of cyber-pampers.

Thank you Overkill for the suggestions.
 
To Overkill and others in the business, I presume you mean something like this as an entry level SonicWall wireless router for $396?
https://www.newegg.com/Product/Product.aspx?Item=N82E16833376665

Or the next step up a TZ300 for $596:
https://www.newegg.com/Product/Product.aspx?Item=N82E16833376664

When they say "Hardware Only" does that mean it is missing the firmware?
Or that it does not include any firmware updates?
Or (hopefully) that it is simply lacking VPN licenses but otherwise includes fully functional and current firmware?
 
Originally Posted By: BearZDefect
To Overkill and others in the business, I presume you mean something like this as an entry level SonicWall wireless router for $396?
https://www.newegg.com/Product/Product.aspx?Item=N82E16833376665

Or the next step up a TZ300 for $596:
https://www.newegg.com/Product/Product.aspx?Item=N82E16833376664

When they say "Hardware Only" does that mean it is missing the firmware?
Or that it does not include any firmware updates?
Or (hopefully) that it is simply lacking VPN licenses but otherwise includes fully functional and current firmware?


You'll notice the 2nd one has double the throughput of the first. If you need that throughput, then it becomes the logical choice.

With DELL's SonicWall lineup, like with Cisco and all the other majors, you have to buy a licence or subscription for advanced feature sets and certain definitions packages.

It comes out of the box with all the software it needs. You will have free access to firmware updates once you register the device, but if you want certain features that are not included in the "base" license, you will need to buy those licenses. For example, that could be:
- More than the number of IPSec VPN tunnels it ships with
- More than the number of SSL VPN tunnels it ships with
- Content Filtering - This is an optional feature
- Capture Advanced Threat detection - optional feature

The Standard and Optional features are all broken down here for each of the entry-level models:
https://www.sonicwall.com/en-us/products/firewalls/entry-level

You can get trials of any of the additional features after the fact to see if you want them. It comes with a trial of everything IIRC, for a good period of time, like 6 months or something.
 
You are quite welcome
 
I am a big fan of pfsense and have used it for years. Like any security product, you need to configure it correctly and stay on top of the updates. It's very powerful and capable but configure it incorrectly and it is useless. Unless you are somewhat computer literate and willing to invest the time to learn it I would pass. Otherwise I think it's excellent and use it at all my sites.
 
Overkill, not to beat a dead horse here...
You wrote "You will have free access to firmware updates once you register the device,"
yet this page claims "Note: Does not include technical support or firmware upgrades"
https://www.firewalls.com/products/firewalls/sonicwall/sonicwall-tz/tz-300

My old router is overdue for replacement due to performance limitations, and firmware bugs that Cisco never bothered to fix, so I am in the market.
 
Originally Posted By: BearZDefect
Overkill, not to beat a dead horse here...
You wrote "You will have free access to firmware updates once you register the device,"
yet this page claims "Note: Does not include technical support or firmware upgrades"
https://www.firewalls.com/products/firewalls/sonicwall/sonicwall-tz/tz-300

My old router is overdue for replacement due to performance limitations, and firmware bugs that Cisco never bothered to fix, so I am in the market.


I have several of them in service that are WELL outside the free service and I can still download firmware updates for them.
 