Skip to comments.
Toss routers with hardcoded passwords, expert says
Network World ^
| Aug 27, 2014 4:26 AM PT
| Antone Gonsalves
Posted on 08/28/2014 3:30:05 AM PDT by palmer
click here to read article
Navigation: use the links below to view more comments.
first 1-20, 21-25 next last
1
posted on
08/28/2014 3:30:05 AM PDT
by
palmer
To: Swordmaker
Only buy Apple routers ping
2
posted on
08/28/2014 3:30:51 AM PDT
by
palmer
(This comment is not approved or cleared by FDA)
To: NoCmpromiz
3
posted on
08/28/2014 3:31:40 AM PDT
by
palmer
(This comment is not approved or cleared by FDA)
To: palmer
I worry about my AT&T router or, as they call it, residential gateway.
I should probably use my own behind theirs.
4
posted on
08/28/2014 3:33:46 AM PDT
by
FreedomPoster
(Islam delenda est)
To: FreedomPoster
worth thinking about. I try to use end-to-end encryption for important things, so even if they let the hackers into my crappy vendor-provided routers (AT&T and Sprint), I am still relatively safe. But lots of things I do cannot be encrypted end to end.
5
posted on
08/28/2014 3:36:05 AM PDT
by
palmer
(This comment is not approved or cleared by FDA)
To: FreedomPoster
Probably wouldn't be a bad idea at all. If you have an extra computer sitting around, you could consider building your own firewall using
m0n0wall,
pfsense,
IPCop,
Smoothwall, or another firewall product. By doing so, you don't have to worry about backdoors placed in some OEM's firmware.
(I assume that, if you are a home user, you don't really need routing (as you likely only have one "route") but actually need a firewall (to keep your home network protected from the outside world).
6
posted on
08/28/2014 3:58:54 AM PDT
by
markomalley
(Nothing emboldens the wicked so greatly as the lack of courage on the part of the good -- Leo XIII)
To: palmer
RSA sold out to the NSA for a few bucks.
Don’t trust anyone.
To: ShadowAce
8
posted on
08/28/2014 4:10:54 AM PDT
by
Whenifhow
To: AlbertWang
That’s a good point. I am impressed by the difficulty of generating large prime numbers but even more impressed with the fact that the elliptic curve private key is just a random number. OTOH the world is chock full of slipshod random number generators and complex (and possibly bad) implementations of various algorithms.
9
posted on
08/28/2014 4:24:28 AM PDT
by
palmer
(This comment is not approved or cleared by FDA)
To: palmer
Thank you, for the technology up date. 👍
10
posted on
08/28/2014 5:05:46 AM PDT
by
skinkinthegrass
(The end move in politics is always to pick up a weapon...eh? "Bathhouse" 0'Mullah? d8^)
To: rdb3; Calvinist_Dark_Lord; JosephW; Only1choice____Freedom; amigatec; Ernest_at_the_Beach; ...
11
posted on
08/28/2014 5:29:09 AM PDT
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: markomalley; All
That is correct.
What do you think of dd-wrt?
12
posted on
08/28/2014 5:32:20 AM PDT
by
FreedomPoster
(Islam delenda est)
To: FreedomPoster
What do you think of dd-wrt? If your router supports it, I highly recommend you go the DD-WRT route. It adds functionality that manufacturers don't want you to have with the stock firmware. I personally invested in a Linksys (Cisco) E3000 and have been using it with DD-WRT for years. Learn a little iptables syntax and you can configure it to firewall your whole network.
Never ever plug a computer directly into your provider's modem. You're asking for trouble.
13
posted on
08/28/2014 5:35:41 AM PDT
by
rarestia
(It's time to water the Tree of Liberty.)
To: FreedomPoster
” What do you think of dd-wrt?”
I never had the Linksys device it was originally coded for, so I never really looked at it. In principle, it’s a fine idea, but in practice, I don’t know.
14
posted on
08/28/2014 5:37:04 AM PDT
by
markomalley
(Nothing emboldens the wicked so greatly as the lack of courage on the part of the good -- Leo XIII)
To: FreedomPoster
I have the same thoughts (UVerse 2Wire router) - I know you can change the password on it. I would really like to use my own router behind it (because the range will be better) but have heard it is very difficult to set up.
To: rarestia
16
posted on
08/28/2014 5:51:02 AM PDT
by
frog in a pot
(We are all in the same pot.)
To: palmer
17
posted on
08/28/2014 5:54:37 AM PDT
by
E. Pluribus Unum
("The man who damns money obtained it dishonorably; the man who respects it earned it." --Ayn Rand)
To: Wyatt's Torch
It's not too difficult but it does require some technical effort to pull it off. I've done this on my Uverse 2wire gateway with several different routers.
Link to instructions from "SomeJoe777".
There is no true bridge mode on the 2Wire routers. However, you can still configure it such that almost all functions of your own router will work properly.
1. Set your router's WAN interface to get an IP address via DHCP. This is required at first so that the 2Wire recognizes your router.
2. Plug your router's WAN interface to one of the 2Wire's LAN interfaces.
3. Restart your router, let it get an IP address via DHCP.
4. Log into the 2Wire router's interface. Go to Settings -> Firewall -> Applications, Pinholes, and DMZ
5. Select your router under section (1).
6. Click the DMZPlus button under section (2).
7. Click the Save button.
8. Restart your router, when it gets an address via DHCP again, it will be the public outside IP address. At this point, you can leave your router in DHCP mode (make sure the firewall on your router allows the DHCP renewal packets, which will occur every 10 minutes), or you can change your router's IP address assignment on the WAN interface to static, and use the same settings it received via DHCP.
9. On the 2Wire router, go to Settings -> Firewall -> Advanced Configuration
10. Uncheck the following: Stealth Mode, Block Ping, Strict UDP Session Control.
11. Check everything under Outbound Protocol Control except NetBIOS.
12. Uncheck NetBIOS under Inbound Protocol Control.
13. Uncheck all the Attack Detection checkboxes (7 of them).
14. Click Save.
Your router should now be able to route as if the 2Wire was a straight bridge, for the most part.
Inbound port 22 might be blocked, and inbound ports 8000-8015 might also be blocked, and there's nothing that can be done about it.
18
posted on
08/28/2014 6:32:43 AM PDT
by
Mr Fuji
To: E. Pluribus Unum
BFL. THink I might need to upgrade my router.
19
posted on
08/28/2014 7:22:09 AM PDT
by
zeugma
(Islam: The Antidote for civilization)
To: palmer
You’re naive if you think the government doesn’t have a backdoor to everything.
20
posted on
08/28/2014 7:23:20 AM PDT
by
dfwgator
Navigation: use the links below to view more comments.
first 1-20, 21-25 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson