Find the answer to your Linux question:
Page 1 of 3 1 2 3 LastLast
Results 1 to 10 of 28
The Netgear 7550 that Frontier supplies is just so much junk so I'd like to replace it with a better router but I'm on a pretty tight budget but I've ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Engineer TNFrank's Avatar
    Join Date
    Jul 2013
    Location
    Crossville, TN. USA
    Posts
    967

    I'd like a new router.


    The Netgear 7550 that Frontier supplies is just so much junk so I'd like to replace it with a better router but I'm on a pretty tight budget but I've narrowed it down to two that I think may be decent enough.
    Both are DD-WRT(from what I gather) and have VPN capabilities so I can set up a VPN on the router and link into it when I'm out and about for more security.
    Here's links to both:
    Amazon.com: Linksys N300+ Wi-Fi Wireless Router with Linksys Connect Including Parental Controls & Advanced Settings (E1200): Electronics

    http://www.amazon.com/ASUS-3-In-1-Wi...ds=Asus+RT-N12

    There's really not that much difference in price, just a few bucks so for all practical purposes the price is the same but what about features and performance, is one a bit better then the other or are they about the same there as well? Any input will be appreciated. Thanks.
    No matter where ya' go, there ya' are.

  2. #2
    Linux User Steven_G's Avatar
    Join Date
    Jun 2012
    Location
    Western US
    Posts
    415
    Personally I like the WNR1000 v3.

    Amazon has it for almost 1/3 less than what you're looking at spending and I know for a fact that it is proofed against current gen script kiddie hijacking tools. Reaver can't touch it.

    I've got some butt wipe in my complex that is running a Kali Doom attack server that hits every new SSID in range, has taken over most of the routers in our complex and set them up as kind of a botnet.

    He cracked more than a dozen of my routers before I found this one. He hasn't been able to get in to my network since I've been running it, almost a year now.

  3. #3
    Linux Engineer TNFrank's Avatar
    Join Date
    Jul 2013
    Location
    Crossville, TN. USA
    Posts
    967
    Quote Originally Posted by Steven_G View Post
    Personally I like the WNR1000 v3.

    Amazon has it for almost 1/3 less than what you're looking at spending and I know for a fact that it is proofed against current gen script kiddie hijacking tools. Reaver can't touch it.

    I've got some butt wipe in my complex that is running a Kali Doom attack server that hits every new SSID in range, has taken over most of the routers in our complex and set them up as kind of a botnet.

    He cracked more than a dozen of my routers before I found this one. He hasn't been able to get in to my network since I've been running it, almost a year now.
    Wow, sounds like a pretty decent router and the price is nice too. Big question, will it run DD-WRT and can I set up a VPN on it? I just saw the latest DIY Tryin' on Revision 3 and they were saying that you can actually set up a VPN on your router so I can tunnel into my home router and be secure if I'm ever out and about and want to get onto the interwebs. I'd always thought that I'd have to set up a home server of one kind or another but If I can get a VPN on a router then that'd be awesome AND I could get a better router too and dump this junky Netgear 7550. So what say you, is this router VPN capable and will it(or does it already) run DD-WRT? Thanks.
    No matter where ya' go, there ya' are.

  4. $spacer_open
    $spacer_close
  5. #4
    Linux User Steven_G's Avatar
    Join Date
    Jun 2012
    Location
    Western US
    Posts
    415
    Not sure about DDWRT on this one; which IMHO is not all that it's cracked up to be.

    I followed all the steps *exactly* to flash a 100% verified compatible router and turned it in to a brick. So I bought two that were pre-flashed. He cracked both of them; one in under 15 minutes. And no matter what kind of config I did I couldn't keep him out of them. I played with it for weeks.

    And no, OOB the WNR1000 v3 won't do VPN. AFAIK you need a server to get VPN secure forwarding from a remote location to the web. The VPN in routers and gateways is for "road warriors". I.E. you need to log in to your net and access a file you forgot to DL to your lappy before you went to see your client or access a DB, etc corp type stuff.

    To be out and about, call home on VPN and then be pushed directly securely to the web over your home hardwire you need a combo VPN / web proxy server. Otherwise you'll have to call home, log in to a machine you left at the house and then fire up its web browser and go from there.
    Last edited by Steven_G; 08-27-2014 at 10:41 PM.

  6. #5
    Linux Engineer TNFrank's Avatar
    Join Date
    Jul 2013
    Location
    Crossville, TN. USA
    Posts
    967
    So what are they talking about here with the tweaks to the router that's suppose to give you a VPN via your router?
    https://www.youtube.com/watch?v=mmsI...fwWBYg&index=1
    No matter where ya' go, there ya' are.

  7. #6
    Linux User Steven_G's Avatar
    Join Date
    Jun 2012
    Location
    Western US
    Posts
    415
    I'm not familiar with gargoyle. Maybe it can use port forwarding and a combo client / server to do it all in one box inside a modified router? But if it's built on DDWRT I'd be leary of it for the reasons above. On the second one (PFSense) they are setting up a dedictaed OpenVPN server to forward the connection from the dedicated server to the web.

    If you can buy a router pre-flashed with gargoyle from a shop that guarantees its work I'd go that way rather than trying to flash one yourself. That way you're not SOL with a brick you paid good money for if the flash goes wrong like it did on me.

    The 2 I tried I bought already flashed and I was able to return them when I couldn't get them to stay secure. There are a couple of shops on Amazon that sell them pre-flashed.

    There are a lot of variables involved and I'm not saying that all DDWRT installs are unsecure. But both of the ones I tried my local butt wipe was able to crack with no problem. Now part of that could have been the hardware that the installs were on, b/c that makes a difference too.

    But for my money, I'd go with a good, secure cheap router and then set up a dedicated vpn/web proxy on an old junker or a pi.

    As a matter of fact I have a pi on the way from Amazon so I can set it up as a vpn/web proxy.

  8. #7
    Linux Engineer TNFrank's Avatar
    Join Date
    Jul 2013
    Location
    Crossville, TN. USA
    Posts
    967
    I think I may try to pick up that WNR1000 v3 next week. I'm sure it's much better then what I have now and it's not so expensive that if it's not all that much better I'd feel like I was out anything. Thanks for the heads up on it.
    No matter where ya' go, there ya' are.

  9. #8
    Linux User Steven_G's Avatar
    Join Date
    Jun 2012
    Location
    Western US
    Posts
    415
    Just make sure that no matter what router you have you turn off the push button wifi protected set up crap. There is a flaw in the algo that generates the PIN and it can be backwards factored with no problem at all. As a matter of fact that's how reaver works. And reaver can crack most routers b/c even when you go in to the interface and shut off that feature most routers still end up leaking / broadcasting the PIN even though you told it not to due to issues with how the firmware and / or hardware is set up.

    That's why hardware makes a difference, even with the open source router projects that are supposed to be secure.

    With the WNR1000 v3 when you tell it to turn off "push to connect" (their name for WPS) it actually does turn it off.

    And that link I posted was just first grab. I'm not 100% certain it's *version 3*. If you get one make darn sure it's v3 and not 1 or 2 b/c 1 and 2 are both listed as being known to be vulnerable to reaver.

    Also, make sure you lock it down. There are lots of tutorials on wireless router sec. The big three are the WPS crap, locking out remote admin and locking out wireless admin. Basically you want to make sure that it can only be admined by wire from your LAN.

  10. #9
    Linux Engineer TNFrank's Avatar
    Join Date
    Jul 2013
    Location
    Crossville, TN. USA
    Posts
    967
    I did change the password to get into my router but I don't know if I can lock it down so that I can only get into it from an RJ-45 or not. Not sure about WPS either. I do have my router WPA2 password protected and I have the SSID hidden so anyone just driving by looking for Wifi won't see it unless they're looking for packets or something.
    No matter where ya' go, there ya' are.

  11. #10
    Linux User Steven_G's Avatar
    Join Date
    Jun 2012
    Location
    Western US
    Posts
    415
    Hiding the SSID is actually a bad idea and can make you less secure in the long run. It's just a network name and hiding it is not a security feature. Besides, if anyone wants to find it that's real easy to do.

    And you can actually end up making yourself less secure by hiding the SSID depending on what connects to it and how. A lot of OS's, not just doze, actually end up broadcasting all kinds of info about hidden SSIDs b/c they are trying to connect to them all the time if they are set for auto-connect. And, hiding the SSID can also cause a lot of connection problems.

    On the one you have now dig through the interface and see if it has options for remote admin, if it does they can be disabled. And I haven't seen a router made in the last 10 years that didn't have the ability to turn off admin over wireless; which forces it to wire only.

Page 1 of 3 1 2 3 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •