Chinese# botnet infects 260,000 #SOHO #routers, IP cameras with #malware
#news #cybersecurity #cybercrime #iot #infection #software #security #fail #problem #china
2 Likes
#news #cybersecurity #cybercrime #iot #infection #software #security #fail #problem #china
I should just state at the outset that configuring OpenWRT can be a bit daunting. It is very powerful and customisable, but it may take a few hours to figure out how to get everything done if you’re bridging networks, and setting up upstream DHCP, etc. What didn’t help me was also realising that when I wanted to bridge my networks, this router was clashing with my Asus router using the same network addresses. So a good idea is to set it to use a different network segment, e.g. 192.168.0.1/24 or 192.168.2.1/24. After that, things came to life.
Flashing the firmware was quite easy after I had verified my Xiaomi Mi router was a Generation 1 version, and I just followed the instructions from the OpenWRT site which included running three Windows .bat files which did everything.
The basics do work fine, remembering you need to enable wireless networking and just bind them to the LAN zone. But imagine your cheapy router now being able to do VLANs, have powerful options for firewalling, DNS, DHCP, routing, SSH login, and much more. I do like that for potentially breaking changes, it offers an option to do auto rollback. I also managed to lock myself out of the router after I enabled upstream DHCP which somehow did not work like I expected it to (solution being to just set a static IP on your laptop and connect to the LAN port to get back in — except Windows 10 also has a broken static IP address so you need to use Control Panel to set that).
This router is actually just used a sort of hotspot so it does sit behind my main firewalled router, and I can experiment a bit with it. My Asus will stop receiving updates in the coming few months, so I’m thinking of ref lashing it to OpenWRT instead then.
It is certainly worth trying though, but if you really don’t come right with OpenWRT, then Tomato OS is almost as configurable, and a bit more user-friendly. I’d liken the OpenWRT a bit to the MikroTik type software. The other big advantages though, as I previously mentioned, were getting updates after the OEM no longer provides then, and of course, unlocking masses of features for pretty cheap routers. And of course it also has a dark theme!
OpenWRT Connections screen
OpenWRT Traffic screen
OpenWRT Wireless Strenth screen
OpenWRT CPU Load Graph screen
OpenWRT Interfaces screen
OpenWRT LAN Bridge screen
OpenWRT LAN settings screen
OpenWRT WAN Settings screen
OpenWRT Firewall Settings screen
#Blog, #opensource, #openwrt, #routers, #technology
Network security is not just for IT professionals. Even home users need to keep their networks secure to prevent unauthorized people from, for example, hogging their broadband, installing malware that turns connected devices into robots in botnets, and spying on what you and your family are doing.
In the past, the internal network was often considered safe and protection against threats from the internet was the most important thing, but today security experts recommend using encrypted connections as much as possible even within the local network.
It may seem complicated, but with basic knowledge and the right settings in your router, you’ll go a long way.
These are actually all very basic and essential considerations, and are well worth revisiting. I realised I’m not actually using the SNMP management on my router, but I’d left it enabled. Disable those types of services if you don’t use them, and rather enable logins etc only from your LAN.
See https://www.pcworld.com/article/2235248/how-to-keep-your-home-network-secure-clever-tricks-and-settings.html
#Blog, #routers, #security, #technology
Most of the best Wi-Fi routers give the average customer all the controls they could ever want with simplified access to wireless settings, QoS, and firewall settings making home networking tech more accessible to all. For those looking for a more open experience, more advanced and in-depth settings can be made available with an open firmware like OpenWrt or DD-WRT. If you want access to these extra features, however, you’re looking at a more complicated setup procedure and a lot more research.
Both OpenWrt and DD-WRT are completely free to download and use with access to stable and beta builds. OpenWrt is completely FOSS (free and open-source software) meaning that no company owns any part of it, so you can use it without any permission and if you have the know-how, you can even dig into the code yourself. DD-WRT makes a few concessions when it comes to being open-source to allow support for a wider range of devices, such as those running Broadcom chips.
Availability comes down to not only a specific brand of router, but the model and even hardware revision. Many routers will have multiple versions with slight hardware tweaks that don’t matter much, if at all, to the end-user with standard software, but can lead to issues when installing a custom Linux-based operating system (OS) like OpenWrt or DD-WRT. When you’re looking for router software for your hardware, make sure to note any version information. This can typically be found next to the model number on the bottom of the router.
It’s true that these options don’t necessarily support the very latest routers, but they do add masses of features to older routers. Also, with ASUS routers they do already have lots packed in, and I actually opted to install the ASUSWRT-Merlin firmware which retains close compatibility with the ASUS firmware.
See https://www.xda-developers.com/dd-wrt-vs-openwrt/
#Blog, #DDWRT, #openwrt, #routers, #technology
Wi-Fi extenders (basically just adding a remote router connected by an Ethernet cable, or even just Wi-Fi) are, on paper at least, quite appealing. And why wouldn’t they be? Who doesn’t like an inexpensive solution to a complex problem? Fifty bucks or less to finally get Wi-Fi all the way across your house or out to the corner of the patio where your hammock is set up sounds like a great deal.
And while, in some cases, a Wi-Fi extender can be a useful and economical solution to your Wi-Fi issues, it’s largely a band-aid slapped over bigger problems with your network. They introduce latency, airwave congestion, and impact your overall network bandwidth and user experience.
For the vast majority of people, but especially those in a large or sprawling home, switching to a mesh Wi-Fi system is a massive upgrade in Wi-Fi technology, overall power, and coverage. That’s because far too many people are using really old stand-alone traditional routers and/or relying on the bargain all-in-one Wi-Fi-router-modem combo unit their ISP gave them.
So yes, a mesh Wi-Fi system is often better because it is all new technology, it is the same brand working well together, and it is usually a few devices covering everywhere. It also includes smart software to help manage many devices moving around between those nodes. But they do cost a lot more!
My problem is just a weakish area in my back garden, and it did not justify me spending the money for an area I don’t use regularly. I went for just adding a Wi-Fi extender router, but I cabled it with 1 Gbps Ethernet to the main router, and kept the same SSID to make it seamless. It also does it’s DHCP from the main router, so I can still manage everything centrally. That said, my Asus RT-AC88U main router (powered by Asuswrt-Merlin software) is pretty smart, and it is not a basic ‘free’ ISP router.
So, although a Mesh Wi-Fi is best, you may want to still weigh up your options before diving in. The linked article expands on Mesh Wi-Fi a bit more, with some additional links to more information.
See https://www.howtogeek.com/818404/dont-buy-a-wi-fi-extender-buy-this-instead/
#Blog, #meshnetworks, #networking, #routers, #technology
Your home router is usually your main gateway and firewall between your house full of connected devices, and the Wild West of the Internet. If you have a router that is no longer receiving updates every month or so, then you’re likely not getting the security patches that you need to protect your home network.
Or you may have an older, or cheaper, router that lacks many more advanced features.
OpenWRT is regularly updated and patched and is crammed with all sorts of management and security features. It can turn many “dumb” routers into more advanced devices (yes, it’s mostly all in the software). It is free to install and use, but will require you to reflash your router and start again with default settings.
See https://www.phoronix.com/news/OpenWrt-22.03-Released
#technology #OpenWRT #routers #security #opensource
#Blog, ##opensource, ##openwrt, ##routers, ##security, ##technology
Routers, all tri-band routers are not the same....the Old Tri-band vs the New Tri-band
https://dongknows.com/dual-band-vs-tri-band-wi-fi-routers-explained/
I see blogs and posts at various places on the Internet written by people who seem to see NAT as an annoyance. In fact, there are people who champion IPv6 specifically because it overcomes the "problem" of NAT. To me, NAT is a wonderful thing.
I actually see the Internet as the premier security problem in the 21^st^ century. Protecting ourselves and our devices from it is paramount. Of course big business wants everything to be "smart." In this context, "smart" just means connected to the Internet. This is madness. We all need to resist "smart" devices. Don't buy them or use them. It's just too foolish. In my country it's estimated that 1 out of 5 adults has suffered some form of identity theft. This madness needs to stop.
#nat #network-address-translation #security #surveillance #privacy #network #networks #ip #ip-address #router #routers