This, along with bufferbloat [1], is why you run OpenWRT or another similarly modern, fully open source distro on your home routers.
Right now, the best supported devices are ath9k's, so things like the Buffalo WZR-* models are ideal.
The WNDR 4700 model specifically doesn't have good support for 3rd party firmware [2] due to its use of NAND flash in an unsupported manner, so if you have that model you're kind of sunk at this point.
If you want a more hardened setup I recommend pfsense, a FreeBSD-based firewall/router distro [0]. It'll run on any number of mini/nano boards and several companies sell prebuilt boxes. It can run as a wifi AP as well but I find that a separate AP works best.
For a project that claims to be "Spreading the word to correct basic assumptions regarding goodput and good buffering on the laptop, home gateway, core routers and servers", there is remarkably little info I can actually find on the bufferbloat.net web site. I even clicked the Help link, only to discover it's a link to the Redmine documentation. Thanks.
I have a WNDR 4700 and I can't replicate as described. However, I've also never trusted the stupid thing since it stores passwords in clear text (or at least is happy to display them in clear text on one of its admin pages).
I had fun freaking out my not-so-tech-savvy-but-exceedingly-paranoid (tin foil paranoid) uncle: He bet me $50 I couldn't crack his WiFi password. He let me use his iMac that was already connected.
I hopped onto the Admin page for the router. Had a password, which makes sense. I submitted a test password, and there was no page-refresh or network activity... hm. Must be just in the JavaScript...
Sure enough, it was obfuscated, but the password was in the damned HTML and easy enough to find. I got $50, and the priceless look of horror on my uncle's face.
I then explained to him that physical access to a computer usually equals "Game Over" ;)
One alternative to underpowered routers running OpenWRT or pfsense is to use a BeagleBone Black as your router. It's got well-supported wifi devices with antennae available, and you're not compromising on clock or RAM.
Except the BBB only does 10/100 Ethernet so can't really operate as a modern router. The advantage of, say, an OpenWRT-modded D-Link DIR-825 is that it includes a gigabit router that handles internal traffic while the CPU handles the firewall and VPN to the outside world. Because local traffic is handled by completely separate silicon inside the router, CPU and RAM are not a constraint.
Well, there are also more powerful options, e.g. Buffalo's WZR-HP-AG300H, which has 128MB RAM / 32MB flash / Gigabit Ethernet and two radios. Not to forget: power consumption should also be taken into consideration for an always-on device.
Exploit doesn't appear to work on a WNDR3700v2. I'm hoping it doesn't, as this has been the only router I've ever liked after years of dealing with complete garbage.
If you have a Netgear WNDR3700v2 or a WNDR3800, check out Cerowrt [1]. The latest stable build, 3.7.5-2, has been exceptionally stable for me, and fast. I would highly recommend it.
So has anyone used any of the open hardware alternatives, like routerboard.com? Seems like having the schematics and the firmware would be a reasonable place to be.
I looked into these kinds of things but I'm in an odd position where I need an ADSL2+ chipset of a certain kind (Broadcom with good noise filtering) because of the state of my phone lines.
I was looking into running an ADSL modem in full-bridge mode (you'd be surprised how many of these modems don't support that anymore) + a routerboard or MikroTik product, but when you add up the cost and configuration time it just wasn't worth it.
I'm currently running a Billion 7800VDPX, which I now have the GPL sources to (after some prodding). When I finally have some time to sit down and risk bricking my device, I'll have a look at getting OpenWRT working (although at last glance they were never going to support ADSL).
This post, and other recent ones like it, indicate to me the importance of running a port scan and making sure no management abilities are exposed over the WAN side of these devices.
Any suggestions on good, fast online port scanners?
Question: I have Cable internet here in Aus (100mb/10mb) and I like my connection, but we have to use Telstra's silly modem, and they refused to activate any other one on the network.
So, let's assume I don't trust this AP and Modem to be secure (fair enough assumption in my opinion) -- the best way would be to perhaps build my own Wireless AP running pfsense, on a BeagleBone Black or similar?
Do companies like Netgear not have a team whose only purpose is to try to break their own products? I thought that was a primary source of employment for infosec types.
I like that this was technical and informative, but still talked down to people like me who aren't at all knowledgeable with how infosec works. Great read; wish I could find more like it.
zdw|12 years ago
1. http://www.bufferbloat.net
2. http://wikidevi.com/wiki/Netgear_WNDR4700
mbell|12 years ago
[0] http://www.pfsense.org/
tedunangst|12 years ago
Glyptodon|12 years ago
girvo|12 years ago
dgesang|12 years ago
greglindahl|12 years ago
tux1968|12 years ago
ce4|12 years ago
uptown|12 years ago
cbrauchli|12 years ago
1. http://www.bufferbloat.net/projects/cerowrt
ChuckMcM|12 years ago
voltagex_|12 years ago
tl;dr: open hardware alternatives aren't easy enough to drop in yet, or they're not really open - http://wiki.mikrotik.com/wiki/Manual:License
camkego|12 years ago
rogerbinns|12 years ago
I do scans from cellular devices (Fing on Android and iOS is passable for popular ports) and my laptop (nmap) when out and about.
nwh|12 years ago
hughesey|12 years ago
diminoten|12 years ago
[deleted]
girvo|12 years ago
Would that be the most secure way to handle that situation?
tedunangst|12 years ago
chojeen|12 years ago
jasiek|12 years ago
holyjaw|12 years ago
sillysaurus2|12 years ago
losethos|12 years ago
[deleted]