Router Security: Site Change Log
Jan 18: More router bugs, this time with ZyXEL and Billion routers in Thailand. Also added a quote from Bruce Schneier on how government regulation is the only solution to router and IoT security to the Other Gripers page.
Jan 14: Added info about FTC lawsuit against D-Link for insecure routers and cameras to the bugs page
Jan 13: Updated the WiFi Encryption page
Jan 6: Assorted updates to the Pepwave Surf SOHO page.
Jan 3: Updated page on Google Wifi/OnHub routers. Added Google custom search of this site. My first crack at this, we'll see how it holds up...
Dec 26: What else? Two new bugs added to the list. ZyXEL and Netgear this time around.
Dec 23: Added a new URL to test a router from the LAN as per Scott Helme's 2014 investigation
Dec 22: Added Scott Helme arguments against ISP provided routers to the ISP routers page.
Dec 15: Added link to the NETGEAR Product Security Advisory on the Resources page. Added more known bad DNS servers to the Test Your Router page. Added new router attack documented by Proofpoint to the bugs page. Updated the page on Google routers to include new mesh models and an article about their security.
Dec 10: Added a Netgear router flaw to the bugs page. Added a story from 2014 about ISP security incompetence to the ISP routers page.
Dec 8: Added a test to the Test Your Router page for port 81 due to Cybereason flaws found in IP cameras.
Dec 5: Revised writeup of the Mirai infection from Thanksgiving. Minor update to the Test your Router page.
Nov 28: Added a link to Resources page for my blog Getting started with the Ubiquiti AmpliFi mesh router. Also added new router attack on Port 7547 to the bugs page.
Nov 21: Updated the Apple router page to note that they are getting out of the business
Nov 17: Added a new item, Internal Security, to the Security Checklist page
Nov 14: New HNAP page
Nov 11: Added a test for TCP port 7547 to the Test Your Router page. It is used by the remote management protocol TR-069 (a.k.a. CWMP).
Nov 10: Minor changes to the Pepwave Surf SOHO page. Added the latest availability info and that the new version should be concurrent dual-band, eliminating a big downside. Also added a D-Link buffer overflow bug from Aug. 2016 to the bugs page and a test for the port it leaves open on the Test Your Router page.
Nov 9: Two additions to the Test Your Router page: a new HNAP testing section and another TCP port to test for that is opened by a bug in Linksys routers from 2014. Also a new D-Link router bug involving HNAP.
Nov 1: Added documentation of two ongoing router attacks to the bugs page
Oct 30: Expanded the UPnP and NAT-PMP topic on the Turn Off Stuff page
Oct 27: Updated the Test Your Router page with TCP and UDP tests for LDAP. Also added a new section: TCP/IP Port Information. And, added a test for TCP port 2323 because some IoT devices use it as an alternate for Telnet.
Oct 20: Updated the bugs page with three new router security stories in the news
Oct 15: Minor updates to the Resources page including a Table of Contents at the top
Oct 14: Minor updates to the secure router configuration checklist on the home page. Added whoer.net for checking DNS servers and a warning about Telnet and SSH ports not being stealthed.
Oct 13: Updated the What can go wrong page
Oct 9: Updated the UPnP section of the Security Checklist page
Oct 8: Expanded the section on LAN side port testing on the Test Your Router page. Added new Router Reviews page, somewhat optimistically. Updated the OOBE and FIREWALL topics in the Security Checklist. Updated the Firewall Testers section of the Test Your Router page.
Sept. 30: Added UDP port 39889 to the list of ports on the Test Your Router page
Sept. 20: Added mention of VPN client, VPN server and Tor client to the checklist page.
Sept. 19: On the Resources page, added that Asus routers can be VPN clients with stock firmware and Tor clients with Merlin firmware.
Sept. 1: On the Test Your Router page added a test for NAT-PMP. Updated Keezel info on the Resources page.
Aug. 31: On the Test Your Router page, added more TCP and UDP ports that need to be checked. Also, added links to actually test these ports.
Aug. 30: I took my first stab at suggestions for improving router security. Added a Fixing Router Security section to the About page.
Aug. 29: Added dnsleaktest.com to the router security cheat-sheet on the home page.
Aug. 24: Removed hackerwatch.org from the Test Your Router page. Seems to be abandoned and broken.
Aug. 22: Updated the UPnP section on the Test Your Router page.
Aug. 19: Added bug in a BHU Chinese router
Aug. 17: Updated the VLAN topic on the Security Checklist page
Aug. 15: Updated the tester page to note the return of the F-Secure router tester service
Aug. 14: Updated info on the Invizbox Go and eBlocker on the Resources page.
Aug. 12: Minor changes to the Pepwave Surf SOHO page again, including a link to my blog about it.
July 30: Minor updates to the Pepwave Surf SOHO router page.
July 21: Updated the resources page with more on Ubiquiti Edge Routers and added the ThinkPenguin VPN router.
July 18: Updated the Pepwave Surf SOHO page with availability info and revised the Guest Network section.
July 9: Revised the Guest Network section of the Pepwave Surf SOHO page
July 7: Added a D-Link bug
July 5: Re-arranged and revised the Pepwave Surf SOHO page again. There is now a section on buying it.
July 4: Added a bug in TP-Link routers. Also added link on the Resources page and the bugs page to my blog: TP-LINK lost control of two domains used to configure routers and Wi-Fi extenders.
June 30, 2016. Minor updates to the Pepwave Surf SOHO page.
June 21, 2016. Still more bugs, so many that I had to stop showing 2014 bugs by default to keep the page size small.
June 16, 2016. Still more bugs.
June 12, 2016. Expanded the Security Checklist page with new items on routers configured with smartphone apps and out of box off-line configuration.
June 11, 2016. Added new section to the Pepwave Surf SOHO router page on its monitoring and reporting capabilities.
June 7, 2016. Added Arris cable modem design flaw from April 2016 to the list of bugs
May 28, 2016. Added Modem Tests to the Test Your Router page. Also added an update from Arris to the bugs page regarding the many flaws in their devices reported in November 2015.
May 21, 2016. Ubiquiti bug added to the bugs page.
May 16, 2016. Updated the Introduction to Routers page to include routers with speakers, microphones and fans.
May 11, 2016. Added Portal router Guest networking to the Security Checklist page and added Portal router to the resources page.
May 9, 2016. Added the upcoming Ubiquiti AmpliFi line to the list of consumer router alternatives on the Resources page.
May 8, 2016. Added the Tiny Hardware Firewall to the list of devices offering both VPN and TOR on the Resources page. Also added OpenWRT and LEDE to the list of third-party firmware.
May 3, 2016. Added WebRTC leak tests to the Test Your Router page.
May 2, 2016. Added another Anonabox review to Resources page. Added MikroTik to the list of consumer router alternatives.
April 25, 2016. Added a new, short Routers for Dummies page.
April 19, 2016. On the Resources page, updated the section on VPN and TOR routers.
April 12, 2016. Added new DNS changing malware to the bugs page along with an attack from March 2015 that abused Google Analytics after changing DNS in a router. On the Test Your Router page, I noted the demise of the online UPnP tester from Rapid7 along with other minor changes. Added another router with two firmwares and another that can self-update its firmware.
April 4, 2016. Added Quanta router bugs to the bugs page.
March 31, 2016. Added a report on Remaiten, a Linux bot that abuses Telnet in routers to the bugs page.
March 27, 2016. Minor updates to the Pepwave Surf SOHO page.
March 21, 2016. Updated the Wake-On-LAN paragraph on the checklist page.
March 18, 2016. Added a password bug in a Netgear gateway in Australia. Also added another flaw with the same device from April 2014.
March 13, 2016. Added bugs in Cisco modems and gateways to the bugs page
February 29, 2016. Lots of new router bugs discovered in Netgear, D-Link and other routers.
February 26, 2016. Added the FTC settlement with ASUS to the bugs page.
February 25, 2016. Added the just-released Eero routers to the list of those that can self-update on the resources page.
February 24, 2016. On the home page added a suggestion to turn off wireless networks when not in use. On the resources page, added advice from US-CERT.
February 23, 2016. The FTC is added as another source warning to avoid consumer routers, in this case from ASUS. On the Test Your Router page, added a note that the F-Secure router checker has been down for a while. Added ASUSWRT-Merlin firmware to the list of Third Party software on the Resources page.
February 15, 2016. Minor revision to the Firmware topic on the Checklist page. Minor revision to the Resources page. Three new bugs added to the Router Bugs page. Added sample Shodan query to the Firewall testers section of the Test Your Router page.
February 11, 2016. Added more gripers to the page about Avoiding Consumer Routers
February 10, 2016. Updated the consumer routers page to more strongly point out that they contain old, buggy software. Also updated the Resources page to add the Synology RT1900ac Router to the list of those that can function as a VPN client. This router supports three, count 'em, three, types of VPNs. Also added the Synology RT1900ac to the list of self-updating routers and used it as an example of a router that forces you to choose a new password during initial setup. And, on the checklist page, added that the RT1900ac can schedule Wi-Fi networks. Added a list of bugs fixed in pfSense in Dec. 2015 to the bugs page.
February 7, 2016. Updated Resources page to note that while starter devices with Smallwall pre-installed do not do Wi-Fi, the OS does support it, if you add a Wi-Fi card inside the box. Also, more bugs added to the bugs page.
February 5, 2016. Updated the Pepwave Surf SOHO page to add that it can restrict local admin access to the router to a single SSID/VLAN. Also added this to the Guest Network and Local Admin sections of the Security Checklist page.
January 31, 2016. Added another reason not to use a modem/router/gateway provided by an ISP to the ISP routers page.
January 27, 2016. Added some more links to a few pages.
January 22, 2016. Added more router bugs to the bugs page.
January 20, 2016. Added a new section about stepping up from the Surf SOHO to the Pepwave Surf SOHO page. Also added screen shots of the firmware update process in the "And" section of the page.
January 13, 2016. Added eBlocker and Keezel to the Coming Soon section of the Resources page. Security devices seem to be a hot thing.
January 8, 2016. Added Invizbox Go as a VPN and TOR router in the Coming Soon section of the Resources page.
January 6, 2016. Added Luma to the "Coming Soon. Maybe" section of the Resources page because it claims it will have some unusual security features.
January 4, 2016. Added InvizBox Go to the TOR router section of the Resources page. It is expected to be released next month and offers both TOR and VPNs.
January 3, 2016. Minor updates to the About page. Added point about Apple routers missing OpenSSL patches to the Apple Routers page.
January 2, 2016. Added a paragraph about kicking kids off the Internet to the Security Checklist page as a non-security feature to look for.
December 30. Added that a guest network on the Pepwave Surf SOHO locks users out of the web interface of the router. Also linked to two new articles about Apple routers on the bottom of the Apple router page.
December 29. Added a new router griper. Minor changes to resources page. Added a great article about Apple routers to the Apple router page. Added another reason to avoid consumer routers: documentation. Added a new issue for Guest networks to the Security Checklist page - can a Guest user log into the router?
December 24. Added two gripes to the Pepwave Surf SOHO page - it can not function as a VPN client and the documentation is useless. Also added a new section on Guest Networks.
December 21. Added to the Pepwave Surf SOHO page that Peplink emails about new firmware releases and that the Surf SOHO is very different from the Surf On-The-Go. Also noted in the Security Checklist page about Peplink sending email about firmware updates.
December 14. Added a list of self-updating routers to the Resources page. Only two that I know of, so far.
December 13. Added link to my blog on Guest Wi-Fi networks to the Resources page and the Security Checklist.
December 10. Major updates to the Peplink router page.
December 10. Minor updates to the Guest Network section of the security checklist.
December 9. Added a new section to the Test Your Router page with TCP/IP ports.
December 9. Added multiple router bugs to the bugs page.
December 9. Added an example of Linksys ignoring bug reports to the Don't buy a consumer router page.
December 9. Revised the VLAN discussion on the Security Checklist page.
December 8. Revised the first few paragraphs of the Introduction to Routers page.
December 5. Created a new Test Your Router page with data from the Resources page.
December 4. Added a note on the New Router page that Google OnHub routers cannot be configured off-line.
December 4. Added a note that the Pepwave Surf SOHO is $159 without antennas at 3GStore
November 30. Added to the Security Checklist page a Feb. 2014 review of an Asus router that determined it used no security at all, both when checking for new firmware and when downloading it.
November 29. Added the F-Secure Sense to the "Coming Soon. Maybe" section of the Resources page.
November 29. Added a link to Amazon.com to buy a Pepwave Surf SOHO (not an affiliate link) to the Peplink router page
November 23. Added new bug in a D-Link router to the bugs page
November 23. Updated the new router section of the Introduction to Routers page and also added 2 new sections: Input to a Router and the number of wireless networks routers create.
November 23. Added to the Security Checklist page that the NETGEAR R6400 has a Wi-Fi on/off button in an easy to locate position.
November 23. Added a couple links to the page on Google OnHub routers, one for a SmallNetBuilder review and one to a Google article that describes the privacy issues.
November 22. Added a new griper, James Morris of PC Gamer, to the Other Gripers page.
November 21. Created this Change Log page.
November 21. Security Checklist page. Added new topic NO DEFAULT PASSWORDS.
November 20. Security Checklist page. Revised topic on LOGGING.
November 19. Security Checklist page. Added topic on EMAIL.
November 18. Security Checklist page. Updated LOCAL ADMINISTRATION topic with a new issue: whether you can log out of the web interface.
November 15. Added new page on Google OnHub routers
November 15. Security Checklist page: updated section on ROUTER PASSWORD
November 11. Security Checklist page: added topic on SSID HIDING