[drunknsage]

Drop the ISP provided router and get a real one preferably one that supports ddwrt or other aftermarket firmware. You can often put the ISP provided garbage in bridged mode where is functions as a modem only.

I dumped that crap all in one box comcast supplied and purchased a modem. It paid for itself through eliminating rental fees. I run two linksys routers that run ddwrt firmware. It’s open source and allows tons of amazing and business level functionality. It’s also easy to configure and their page has instructions. If you can follow directions, you can flash and use ddwrt.

If you are stuck with ISP equipment, ask about bridged mode. Also, don’t run default passwords for router access and always lock down wifi. Wpa2 AES is sufficient. Don’t use WEP or WPS

[Utilizer]

Thank you for chiming in. I was hoping someone more familiar with the equipment might have some advice.

I dumped the SBC/Yahoo -supplied router many years ago and got a combination DSL modem,wireless router/4-port LAN router made by Netgear. Recently I have been considering upgrading, but so far the options available have made that a daunting prospect.

Any suggestions on which way to go, now that this exploit has been discovered?

[tophat9000]

While the article uses the term router, replacing your Isp router with a home router would probably not resolve.. ..the open port is for isp management so would be customer edge facing the provider edge..and would be on you isp modem.. (the modem is an Internet gateway router).

That said.. I always use my own router for my home network and just use the isp modem for the Internet gateway.. a personal home router with a stateful firewall should protect your internal network.. but your internet traffic has to route across the isp modem.. so unless you got your own cryto tunnel for all internet traffic your exposed

[ShadowAce]

LOL! I do the exact same thing—only I only need one router.

[rarestia]

Always bridge your network from the ISP. It doesn’t insulate you from an attack, but it insulates the damage they could do. The ISPs are going to mandate that you use CWMP if you want support. I personally bought a Motorola Surfboard and told my ISP that I just need the bridge information. They don’t support anything unless the connection drops. This isn’t ideal for most home users.

My suggestion to most FReepers is to NOT use your ISP’s router for direct connections to computers or the ISP wireless connection. You might be sold a bill of goods on what they support if you use their native wireless, but it’s not worth the security headache. Buy a cheap Linksys or Netgear wireless router/switch and learn how to configure it yourself. Don’t let ANY company say they’re securing you. They’re not.