|Router Security||Website Change Log||
Website by |
Jan 22: Added news story about Netgear routers
Jan 21: Updated the coverage of Gryphon and moved it to the Secure Router page.
Jan 19: Updated the Introduction page.
Jan 13: Added Cable Haunt flaw to the Bugs page.
Jan 12: Updated the page on configuring a new router.
Jan 11: Moved comments on suggested secure routers from the home page to its own page.
Jan 6: Added a note to the Pepwave Surf SOHO page that it can indeed be used with Peplink Access Points.
Dec 31: Added more D-Link router bugs
Dec 29: Added multiple bugs in Ruckus Access points to the Bugs page.
Dec 23: Updated the Bugs with the bugs in TP-Link routers. Added a new topic to the Surf SOHO configuration page explaining how to update to new firmware releases while still keeping the older firmware available for fallback or production use.
Dec 22: Updated the section on VPN client routers in the Resources page.
Dec 20: Updated the Google routers page with some info on new Nest routers
Dec 17: Updated the Firmware Updates page with info on upgrading Surf SOHO to firmware 8.0.1. Also updated the Ubiquiti section of the Secure Routers page.
Dec 16: Updated the Pepwave Surf SOHO page to reflect ongoing problems with the router talking to a cable modem.
Dec 4: Updated the Resources page section on additional plug-in security devices, including adding Syfer.
Dec 2: Updated the Secure Routers page with info on the new Ubiquiti UniFi Dream Machine router.
Nov 20: Added two different stories about different bugs in D-Link routers to the Bugs page.
Nov 18: Added an excellent article to the Other Router Security Advice page.
Nov 14: Added a story to the News page about Plume and their ISP partnerships.
Nov 8: Added story about Ubiquiti routers to the News page. Updated the Secure Routers page.
Nov 3: Big updates to the Secure Routers page. Added a news story to the Routers in the News page.
Oct 31: Minor tweaks to the Short List on the home page.
Oct 25: Buggy D-Link routers that will not be fixed. Added a new item to the Bugs page and on the Test Your Router page, linked to a Proof Of Concept tester page.
Oct 22: On the Surf SOHO initial configuration page, added about blocking off a printer from the Internet using a firewall rule.
Oct 19: New section added to the Secure Routers page. Minor changes to the Pepwave Surf SOHO page.
Oct 17: Updated the Mesh Router page about AmpliFi - it has an open TCP port and they ignored my email about it. Also added to the News page a story from August about disabling the public Wi-Fi on Comcast gateways.
Oct 14: Routers still buggy after all these years - new News story about ISE research.
Oct 8: Lots of updates to the Google routers page. Added a bug in D-Link routers to the Bugs page.
Oct 2: Added a section on VPN client software to the Synology page.
Sept 26: Updated the Eero page with information on just-announced 3rd generation models (see the Other Eero Info section).
Sept 25: Updated the description of Firewalla on the Resources page.
Sept 24: minor updates to the Security Checklist page.
Sept 23: Updated News and Bugs pages with info on the WS-Discovery port being opened on the WAN. More Synology updates.
Sept 21: More Synology updates. Updated the description of WPA2 Enterprise in the WPA Encryption page. Moved the discussion of WPA2 Enterprise from the home page to the WPA Encryption page.
Sept 19: Many updates to the Synology page.
Sept 17: Many updates to the Synology page. Added new TCP and UDP scanners to the Test Your Router page.
Sept 13: Created a new page for Synology routers.
Sept 11: Added Ping Reply to the initial setup of the Surf SOHO page. Also added the suggestion to avoid firmware 8.0.0.
Sept 10: Started a new section on the Resources page for Router/Network software. Updates to the Bad Neighbor page. Updated the Surf SOHO page to note the open ports on the LAN side.
Sept 8: Added another LAN side program to test for open ports in a router to the Test Your Router page.
Sept. 5: Added a new page for bad neighbors.
Sept. 3: Updated the description of the Invizbox 2 on the Resources page. Minor change to the Checklist page.
Aug 26: Added a News story about bad Wi-Fi security at WeWork.
Aug 21: Updated the Mesh Router page, yet again, with more on AmpliFi. Also added a new section to the page configuring the Pepwave Surf SOHO - how to create a wireless network for children that cuts off their Internet access at bed time.
Aug 19: Updated the Mesh Router page again with more on AmpliFi. I'm done with them.
Aug 17: Added to the News page a recent botnet detected in the Philippines and Thailand. Also added TCP port 23455 to the Test Your Router page to detect this malware. Updated the Mesh Router page with info on the new VPN feature in AmpliFi routers.
Aug 16: Updated the Bugs page with some obscure bugs allowing data to pass between Private and Guest Wi-Fi networks.
Aug 13: Consumer Reports reviewed 29 routers. The Secure Routers page has a critique of the article. So too does the Router News page. Also added an article about buggy 4G hotspots to the Bugs page.
July 28: Updated Firewalla description in the Resources page.
July 22: Added a review of Disney's Circle to both the News and Resources pages
July 16: On the Consumer Router page, added gripes about the AmpliFi mesh router documentation.
July 15: Updated a few pages to note that QNAP NAS boxes can also serve as a RADIUS server for WPA2 Enterprise.
July 13: Router News - still more DNS Hijacking of routers in Brazil. Its an epidemic.
July 10: Added information about the Nokia Beacon mesh routers to assorted pages.
July 9: More gripes about the Google Wi-Fi app on the Google router page. Added Nokia Beacon to Mesh Routers page.
July 4: More Router News about Cisco.
July 3: D-Link agreed to get their act together in a settlement with the FTC. Added to Router News page.
July 1: Added another UDP port to the Test Your Router page.
June 30: Added bugs in TP-Link Wi-Fi extenders to the Bugs page.
June 20: On the Resources page, in the topic on VPN Routers, added a link to a great article on the subject from RestorePrivacy.com
June 17: Added another Cisco bug to the Bugs page.
June 8: Added some outgoing firewall rules to the page on configuring the Surf SOHO router.
June 7: Added info about Apple Homekit's planned integration with routers to the News page.
May 29: Updated the News page with a test that I ran on my own router. It was attacked/probed a lot.
May 27: Added >Trend Micro Home Network Security to the Resources page (section on Add-On Security Devices) and added warnings about this class of device to the topic heading.
May 25: Updated gripes about the Pepwave Surf SOHO manual not being updated. Added Roqos router to the Resources page.
May 24: Yet more Cisco bugs, including a doozy in their hardware, added to the Bugs page.
May 23: Added the GL.iNet AR750S router to the Resources page as a VPN client router. It has a lot going for it. Added a bug in TP-Link routers to the Bugs page.
May 18: Added a News story about routers being hacked to install Windows malware.
May 16: The latest bug in Windows RDP is yet another example of the defense that can be provided by VLANs. Added to VLAN page.
May 14: Updated the HNAP page, adding a CVE from 2014, sample expoit code from GitHub and the latest HNAP flaw in Linksys routers.
May 13: An information leak bug in 33 Linksys routers added to the bugs page. And, Linksys will not fix it.
May 8: Routers in the news: a router was found in an Airbnb with a peephole and a camera inside it.
May 1: Updated the ISP router page with a story about Sky Broadband in England bricking their customers routers with a firmware update. Also updated the Router News page with yet another critical bug in Cisco hardware.
April 30: New responsive menu bar. This will take time as every page has to be updated.
April 27: Added GreyNoise IP scanner to the Shodan page.
April 26: Added my blog about defending against insecure IoT devices with a router to the News page and Surf SOHO pages.
April 18: Added many Cisco bugs to the Bugs page.
April 11: Added topic of blocking Windows 10 spying on us by blocking Microsoft domains to the page on configuring the Surf SOHO router. Also added links to the many design flaws in WPA3 to the WiFi Encryption page.
April 9: Added 3 bugs in a Verizon Fios gateway to the Bugs page and the ISP routers page. Minor bug in TP-Link routers added to the Bugs page.
April 5: Yet another DNS changer attack added to the News page. Ho hum.
April 4: Added firewall configuration to the page on Initial Config of the Surf SOHO router.
April 2: Added a News story from Sophos about the recently disclosed TP-Link router flaw that everyone should read.
March 31, 2019: Updated the Consumer Router Alternatives section of the Resources page with a mini-PC hardware recommendation.
March 29, 2019: Added a new TP-Link router bug to the Bugs page. It gives great insight into how little TP-Link cares about security. Added TP-Link bugs in the TL-R600VPN router that were reported in November 2018 to the Bugs page. Fixes are supposed to be available, but they are not.
March 28, 2019: Added a Huawei UPnP test for port 37215 to the Test Your Router page and added a News story about miserable security in Huawei routers. And, added a News story with router advice from Readers Digest. Pretty funny.
March 27, 2019: Router news about bugs in a Cisco VPN router.
March 25, 2019: Minor changes to home page.
March 20, 2019: Added news about Talos finding 11 bugs in Cujo.
March 13, 2019: Added a second on-line UPnP tester to the Test Your Router page. More minor updates to the Surf SOHO Configuration page.
March 8, 2019: Minor updates to the Surf SOHO Configuration page.
March 7, 2019: Updated the Other Eero Info section of the eero page with a takedown of an article touting eero. Updated the Stats page. Updated Router News page with a story about buying router bugs.
March 6, 2019: Minor updates to the Surf SOHO Configuration page.
March 3: added a D-Link bug to the bugs page.
March 1: Still more eero updates.
February 28, 2019: Cisco security flaw added to News page. Updated the page on initial configuration of a Surf SOHO.
February 27: Still more eero updates
February 26: Still more eero updates - new section on Wi-Fi Channels and Channel Width. eero bad.
February 25: More Eero updates.
February 24: Many updates to the Eero page.
February 23: I now have an Eero router, so I updated its section on the Mesh Routers page with new observations. Then, I created a new page just for Eero.
February 20: Multiple changes to the Mesh Routers page.
February 17: Updated the pfSense topic on the Resources page.
February 9: New section added to the WPS page: Client Operating Systems and WPS.
February 5: Added to the WPS page that the Netgear Nighthawk X4 R7500 v2 can not disable WPS. Still more Cisco bugs added to the Bugs page.
January 31: The Test Your DNS page started with a long explanation of DNS. Now it defaults to a short intro with an option to see the long explanation.
January 30: Added a story about Cisco Small Business switches with a back door account to the Bugs page. Added a test for TCP port 6 to the Test your Router page as a result of new malware found by Trend Micro. Added a new bullet point to item 22, Monitoring Attached Devices on the Security Checklist page.
January 28: Added a quote about router security from Eric Sauvageau, the man behind the Asuswrt-Merlin firmware to the Other Gripers page. Great great quote from an obvious expert: "I've been saying it for years: its time router manufacturers stop treating routers as gadgets, and start treating them as the security devices they really are. These things are everyones frontline defense on their network. That they also provide wifi is just a by-the-way, not the other way around."
January 28: Added a news story about the Japanese government hacking IoT devices and another story about know bugs in two Cisco routers being targeted. Also added the three Cisco bugs to the Bugs page. Added two Cisco bug tester URLs to the Shodan page and added Cisco bug tester LAN side URLs to the Tester page.
January 22: Updated the Bitdefender Box topic on the Resources page in the add-on security devices section.
January 21: Added Firewalla (not a typo) to the Resources page in the section on add-on security devices.
January 19: Expanded the section on the pcWRT router in the Resources page. Added a bit about Circle parental controls embedded in some Netgear routers to the Resources page.
January 18: On the Resources page, added a note that the Symantec Norton Core router has been discontinued.
January 17: Updated the Privacy section (item 27) of the Security Checklist.
January 16: Updated topic of Remote Administration on the Turn Off Stuff page. Added Wired UK clickbait article to News page.
January 15: On the Pepwave Surf SOHO page, updated the closest competition section with revised information on Draytek and Synology routers. Added Zerodium to the News page wondering about being a lesser target.
January 14: Added News story about Charter/Spectrum offering Cujo sometime in 2019.
January 12: Added Fingbox to the Security Checklist page (item 28) as it can alert you when new devices join the network. Revised and expanded Privacy (item 27) on the Security Checklist page.
January 9: Updated the UPnP section of the Security Checklist.
January 6: Added a News story predicting more router hacking in 2019.
January 2: Modified the Checklist page to note that Netgear does not support HTTPS on the LAN side. Added three more TCP ports to the Tester page as a result of bad guys hacking smart TVs, Chromecasts and Google Home. Added story about hacking these devices to the Router News page.
December 31, 2018: Added two critical Synology router bugs to the Bugs page.
December 23, 2018: Read a Gryphon router review and updated info on the Resources and Checklist pages. Added a news story about a Netgear router that failed to report available updates.
December 21, 2018: Added a Huawei router bug to the Bugs page along with 1 or 3 D-Link bugs that disclose the device password in clear text.
December 20, 2018: Added some Charter/Spectrum sleeze to the page about avoiding ISP routers.
December 19, 2018: Added the Congressional report on The Equifax Data Breach as an example of VLANs in the news on the VLAN page.
December 17, 2018: Added a report by Cyber-ITL on the security of 28 routers to the News page. Still more updates to the page on IP addresses.
December 10, 2018: Revised the IP address page again. Added Trendnet router bugs to the Bugs page.
December 9, 2018: Revised the introduction on the IP address page.
November 29, 2018: Updated my summary of the latest UPnProxy attack on routers on the News page. Re-did the UPnP tester section of the Test Your Router page as a result of this story.
November 29, 2018: Updated the What Can Go Wrong page with a quote from Akamai about the potential impact of the latest router attack.
November 28, 2018: Updated the Test Your Router page. Added Shodan link, censys.io link, public IP address display, public name display. Yet another attack on UPnP was added to the Routers in The News page.
November 27, 2018: Updated the Security Checklist page with some ideas from the German government.
November 26, 2018: Updated the Test Your Router page to add tests for TCP ports 2375 and 2376, which are used by Docker. Artistic changes to the home page - a new index at the top and no more big brown lines for section headers.
November 25, 2018: Minor update to latest story on Bugs page. Moved some bugs to the Router News page.
November 21, 2018: Minor update to the ongoing care and feeding section at bottom of home page. Added a D-Link router bug to Bugs page.
November 20, 2018: Updated the Test Your DNS Servers page to note that bad results are only on Windows and to add the Cloudflare tester page. Also, Router Security news from the German government.
November 19, 2018: Updated the new Test Your DNS Servers page with gotchas in the AND section.
November 18, 2018: Added a section on the Synology MR2200ac to the Mesh Routers page.
November 16, 2018: Updated the long checklist on the home page. Separated Wi-Fi passwords and encryption into their own bullet points and revised the text.
November 14, 2018: More updates to the Test Your DNS Servers page.
November 13, 2018: New web page. Sort of. The section on Testing Your DNS Servers has been moved from the Test Your Router page to a new page with an expanded introduction.
November 12, 2018: Updated two sections on the Test Your Router page - the introduction the Firewall section and the intro to the DNS servers section.
November 9, 2018: Added a test for TCP port 5431 to the Test Your Router page. It is used by the BCMUPnP_Hunter botnet. Also added the BCMUPnP_Hunter botnet to the Router News page. Added another backdoor account in Cisco software to the Bugs page.
November 7, 2018: Added bugs in Cisco, Meraki and Aruba Access Points to the Bugs page.
November 6, 2018: Added bugs in the Xiaomi Mi Router 3 to the Bugs page.
November 5, 2018: Updated the Bugs page with a backdoor account found in some gateway devices from EE.
November 3, 2018: Added a router attack in Poland to make money by sending SMS messages, to the Routers In The News page. Updated the topic of WPA3 on the Wi-Fi Encryption page.
November 1, 2018: Added another VLANs in the News story. Home page has a warning about a scam website to avoid. Added a modem flaw article to the Modems page.
October 31, 2018: Updated the Other Router Security Advice page to include a so-so article from Consumer Reports. New Cisco flaw added to the Bugs page.
October 26, 2018: Updated the Test Your Router page with a test for buggy firmware in two Linksys E series routers.
October 22, 2018: Amazon no longer sells the Surf SOHO. 3G still does for the same $199. Updated the Bugs page with new information about the Krack vulnerabiity in WPA2.
October 21, 2018: Added bugs in Linksys E Series routers to the bugs page.
October 19, 2018: A Cisco bug added to the Bugs page and a VLANs in the news story added to VLAN page.
October 17, 2018: New D-Link router bugs added to the Bugs page.
October 15, 2018: Added some links to the Turris Omnia page.
October 14, 2018: Minor updates to the IP address page. Updated the security checklist to add whether the router logs every login attempt.
October 13, 2018: Updated the Turris Omni page including adding a new Wi-Fi section.
October 12, 2018: Add GhostDNS to the Router News page. The Shodan page was enhanced to also display Censys.io data for your public IP address.
October 10, 2018: Updated the Test Your Router page to include TCP port 9527 which is used by Xiongmai video devices for a Telnet-like console interface. Updated the Google Wi-Fi page with still more disappointments.
October 9, 2018: Still more updates to the Turris Omnia page and its section on the Firmware Self Updating page. Updated the Test Your Router page with a LAN side URL that detects insecure video surveillance systems made by Xiongmai.
October 8, 2018: Added more MikroTik horrors to the Bugs page and some more Turris Omnia updates.
October 7, 2018: Added the Torii botnet to the Router News Page.
October 5, 2018: Updated the Router News page and the Test page with new information about VPNfilter which might open TCP port 5380.
October 2, 2018: Many updates to the Turris Omnia page. Added a VLAN in the news article to the VLAN page. Updated the page on self-updating firmware with a quote from Robert Graham.
October 1, 2018: Updated the Turris Omnia page.
September 30, 2018: Updated the Turris Omnia page to note that it failed testing at Shields Up! Updated the Downsides section of the Pepwave Surf SOHO page with more about the problem connecting to cable modems. Removed the mxtoolbox.com port scanner from the Tests page as the service is no longer offered. Added two TCP ports that MikroTik owners should test to the Tester page.
September 27, 2018: Added news story about routers with many many bugs.
September 26, 2018: Updated the Turris Omnia page.
September 20, 2018: Updated Gryphon router summary on the Resources page.
September 20, 2018: Minor changes to the page on configuring the Pepwave Surf SOHO router
September 18, 2018: After all this time, I added a new security suggestion to the long list on the home page - use a clean browser session.
September 17, 2018: Updated WPA2 Enterprise section on the WPA and WEP page to note that IoT devices may not support WPA2 Enterprise.
September 14, 2018: Minor update to Turris Omnia page about the lights
September 8, 2018: Updated the mesh router page to note that Eero, Gwifi, Velop and AmpliFi do not support WPA2 Enterprise. Also added a section on WPA2 Enterprise the WPA and WEP page. Added a mention on the Surf SOHO page that it supports WPA2 Enterprise.
September 7, 2018: Added two stories to the News page
September 3, 2018: Yet another botnet added to Router News page
September 2, 2018: Updated the bandwidth monitoring screen shots on the Pepwave Surf SOHO page.
August 31, 2018: The first two routers that you can talk to were just announced. Updated the Introduction page with a link. Also updated the Surf SOHO page to add that it does monthly bandwidth allowance tracking for an Internet/WAN connection.
August 30, 2018: Updated the Pepwave Surf SOHO page to note that it can now create 16 SSIDs. The old limit was 3.
August 25, 2018: Updated the Pepwave Surf SOHO page to add that it scores well on BufferBloat at DSL Reports.
August 22, 2018: Updated the section on port scanning the WAN interface of a new router on the New Router page.
August 21, 2018: Added a News story that broke a couple weeks ago while I was on vacation. Its much ado about nothing - a new way to crack WiFi passwords. Updated the Pepwave Surf SOHO page to note that fix is finally available for the problem connecting to modems.
August 20, 2018: Expanded the Detecting WPS section of the WPS page, again.
August 19, 2018: Updated the Router News page with a story of the NSA using hacked routers to copy VPN traffic. Expanded the section on Detecting WPS on the WPS page.
August 18, 2018: Updated the WPS page to add that on macOS, WiFi Explorer detects wireless networks that support WPS.
August 17, 2018: Updated Pepwave Surf SOHO page, they do support dynu.com for DDNS. Added pcWRT router to Resources page.
August 16, 2018: Added another gripe about consumer routers. From September 2017 by Robert K. Knake
August 15, 2018: Multiple bugs in multiple TP-Link Wi-Fi Extenders added to the Bugs page
August 14, 2018: Minor updates to the Pepwave Surf SOHO page. Added a Cisco VPN bug from Jan. 2018 to the Bugs page.
August 12, 2018: Added a story about D-Link routers hacked to changed DNS servers to the News page. Added www.whatsmydnsserver.com to the DNS server tester pages on the Test Your Router page.
August 3, 2018: Added a WPA3 topic to the WPA2, WPA, WEP encryption page.
August 2, 2018: Added a new Gotcha section to the IP Addresses page (thanks to reader feedback).
August 1, 2018: A new thing here; some good news. Added note about a new OpenWRT release to the News page. And, added a story about MikroTik routers being hacked at ISPs.
July 28, 2018: Added suggestion to turn off QoS to the Turn Off Stuff page as per an article about Netgear routers. Added a couple articles to the Modems page about modems with buggy Puma6 chipsets.
July 24, 2018: More router attacks added to the Router News page
July 22, 2018: Added Intel AMT bugs as another VLANs in the News story to the VLAN page
July 19, 2018: More gripes about the Google Wifi mesh system. New Avira router security product added to News page. A Russian bank lost almost a million dollars due to an outdated router - added to News page.
July 12, 2018: Added a story to the Router News page, a Netgear router hack of FTP led to the leaking of military documents. Added a Juniper bug to the Bugs page.
July 11, 2018: Added a summary of a Linksys Velop review to the Mesh Routers page.
July 8, 2018: Added a VLANs in the News story to the VLANs page. Added new bug fixes to the Bugs page for ADB routers and gateways.
July 7, 2018: Updated text for disabling UPnP on home page. Added a link to the ShieldsUP! UPnP tester to the home page. Added other secure router suggestions to the home page. Added DrayTek as a close competitor to the Surf SOHO router on the Surf SOHO page.
July 5, 2018: Added a link on the home page to my presentation on Router Security from October 2017. Minor tweaks to the home page.
July 4, 2018: Another story about routers being abused in DDoS attacks added to News page.
July 2, 2018: Added note about a future update to the page on configuring the Surf SOHO router
June 30, 2018: Added link to Symantec VPNFilter tester page to the Router News page.
June 28, 2018: Updated the Turris Omnia page. Updated the Bugs page with a response from Vilfo to a review of their VPN router.
June 26, 2018: Updated the Turris Omnia page. This will be happening often, each update may not get mentioned here.
June 25, 2018: Linked to a slew of new Netgear patches on the Bugs page. Added a new DNS rebinding attack as another VLANs in the news story to the VLAN page. Updated the Turris Omnia page.
June 24, 2018: Added the Fortigis security device and the Beam router to the Resources page.
June 23, 2018: Added a new page on the Turris Omnia. Not much there, yet.
June 22, 2018: Added comments on the lights of the Surf SOHO router to the And section of its page. Added a gripe about firmware updating a TP-Link access point to the Firmware Update page.
June 21, 2018: Minor update to the section on buying the Pepwave Surf SOHO on its page. Minor update to my recommendation for it on the home page.
June 20, 2018: Added story about D-Link DSL gateways being hacked by the Satori botnet to the Router News page and the Bugs page. Added two new TCP ports to the Tester page because they are used by the latest update to the Satori botnet. Added link to emulator for Turris routers to the Resources page.
June 19, 2018: Minor updates to the Other Gripers page, Bugs page and the Resources page.
June 16, 2018: Added some known modem flaws to the Modems page. Added an eero article to the Mesh Routers page.
June 15, 2018: Added a Router News story about a hacked MikroTik router serving as Command and Control. Also added survey results from Rapid7 showing 453,000 routers with an open Telnet port.
June 14, 2018: Updated the What Can Go Wrong page to include a couple tricks from the VPNFilter malware.
June 11, 2018: Added Recon Sentinel to the list of security devices that be added to a network on the Resources page
June 9, 2018: Updated the beginning of the Surf SOHO Initial Configuration page.
June 8, 2018: Added lots of Cisco bugs to the Bugs page. Coverage of VPNFilter on the news page has been updated a few times the last few days. Added the Netgear R6400 to the list of self-updating routers on the Resources page and the Self Updating Firmware page.
June 2, 2018: Update VPNFilter coverage on the Router News page. Added a test of port 2000 to the Test Your Router page, for VPNFilter which uses it to attack Mikrotik routers. Updated the Firmware Updates page to add the issue of re-installing the same firmware on top of itself - thanks to VPNFilter.
May 30, 2018: Better late than never, added coverage of VPNFilter router malware to the News page.
May 29, 2018: Updated the What Can Go Wrong page to add that a router can be permanently disabled by malware, as seen with VPNFilter. More funny Wi-Fi network names added the to the SSID page.
May 28, 2018: Updated the Pepwave Surf SOHO to note that it was resistant to the VPNFilter malware.
May 27, 2018: Updated the avoiding ISP hardware page to mention how Verizon used WEP years after it was know insecure and the FTC went after them in 2014 (and did nothing in the end).
May 26, 2018: Added two more reasons for Comcast customers not use their equipment to the avoiding ISP hardware page. Also added Comcast leaking customer info to the bugs page.
May 24, 2018: Added D-Link router bugs found by Kaspersky to Bugs page
May 22, 2018: Added to the bugs page that British ISP Talk Talk routers are vulnerable to WPS pin code attacks
May 21, 2018: Added flaw in DrayTek routers to both the bugs page and news page. Added WICKED botnet to the news page and updated the Test Your Router page with tests for ports 8443 and 8080 that it attacks.
May 18, 2018: New section on the Resources page for Supposedly Secure routers, those marketed based on their security features
May 17, 2018: Another set of bugs in Cisco software including three critical ones, added to the Bugs page
May 15, 2018: Added article by Imperva to Router News page about UPnP being abused in a new way
May 14, 2018: New article on router security for train operators add to the Other Router Security Advice page. New bugs in Sierra Wireless routers added to the bugs page.
May 12, 2018: Added the suggestion to periodically reboot a router as a way of removing malware to the home page.
May 11, 2018: Updated the Router News and Router Bugs pages. Updated the Resources page to add F-Secure SENSE being offered to router vendors to integrate into their routers.
May 10, 2018: Redid the opening section of the Introduction to Routers page.
May 8, 2018: There is no end to bad articles about router security. Added another to the Other Router Security Advice page. Also updated the firmware update advice on the home page.
May 7, 2018: Not wanting to promote bad articles about router security, the Other Router Security Advice page no longer links to the worst articles, just lists the URL in plain text instead.
May 2, 2018: Added a new bug report that a million routers are vulnerable to two different flaws. Also a new article on hacking MikroTik routers added t o the bugs page.
April 30: Added a router in the news story, added a VLAN in the news story to the VLAN page and added another griper to the Other Gripers page. Added an article about being victimized by malicious DNS servers to the What can go wrong page.
April 29: Updated Mesh router page with more details on the downside of cloud based management and a link to an article about evaluating mesh router systems. Added a networking quiz at the bottom of the VLAN page.
April 26: Apple finally came clean and admitted they don't make routers any more. Added to news page. Added two TP-Link bugs to the Bugs page, one from this month, the other from Oct. 2017.
April 25: Added new flaw with ZTE routers used by British ISP Hyperoptic to the Bugs page. Added changing LAN side IP address of the router to the home page. Added more funny SSIDs to the SSID page.
April 24: Added info about a Wi-Fi slowdown bug to the Surf SOHO page
April 23: Updated news page story on UPnProxy, yet again
April 22: Updated news page story on UPnProxy
April 21: Added note about stolen Peplink routers to the Surf SOHO page. Added note about registering a new Peplink router with InControl2 to the setup page for the Surf SOHO. Added a new potential downside to the Surf SOHO page that involves Wi-Fi speed. Added TP-Link Guest Wifi networks to the VLAN page.
April 18: Moved some coverage of router exploitations from the Bugs page to the Routers In The News page. In the page on initial configuration of the Surf SOHO, I added a paragraph about connecting it to an existing router/gateway.
April 16: Updated the What Can Go Wrong page and added two stories about router hacking to the Routers In The News page
April 15: Updated the SSID page and added a news story about the Boston Red Sox. Also updated the VLAN page with more on VLANs that allow the fish to see each other.
April 13: Minor changes to the home page and a new Routers in the news story from The Register
April 12: Added a Router News story about a Chinese city where shops are forced to use government approved routers. Added Nirsoft DNS Query Sniffer as a tester for DNS leaks when using a VPN.
April 11: New web page devoted to Routers in the News. Huge clump of Cisco bugs and attacks on Cisco devices added to the Bugs page. Added TCP port 2000 to the Tester page. And, due to these Cisco bugs, added TCP port 4786 and UDP port 18999 to the Tester page.
April 10: Added the GL.iNet GL-AR750 as a VPN client router on the Resource page
April 6: Added router security gripes by Kirill Shipulin of Positive Technologies to the Other Gripers page
April 2: Modified the Surf SOHO page to note that both OpenVPN client and server are coming to Peplink routers. Also added that the router can easily block all domains that end with "cm" and noted the problems it sometimes has connecting to Arris cable modems.
March 29: Added ip.voidsec.com as a WebRTC tester to the Test Your Router page
March 26: Improved the first two paragraphs of the Test Your Router page
March 24: On the Resources page, brought the info on InvizBox up to date
March 21: Added Vilfo router security issues to the bugs page. Also added a Symantec report about UPnP flaws still being abused by bad guys all these years later. Updated the introduction to routers page with a new introduction.
March 20: Add new Vilfo VPN client router to the Resources page
March 18: Updated the WPS page to include a push button attack from the kid next door.
March 17: Changed text on the home page in a number of areas. Added warning about buying used routers. Added a US Government report to the What can go wrong page.
March 16: The bugs page was getting too big, so bugs from 2016 have been moved to their own page.
March 15: There seems to be a rash of DNS hijacking of Asus routers. Added to bugs page.
March 10: Modified the Surf SOHO page and the page on initially configuring it, to clear up confusion about uBlock origin and disabling Wi-Fi.
March 9: Added spyware operation that abused MikroTik routers to the bugs page. Minor additions to the Surf SOHO page. Also updated the Other Gripers page with a couple new quotes.
Feb 26: Updated the Downsides of the Surf SOHO with screen shots of Bandwidth Control. Also updated the Resources page to note that Gryphon routers just started shipping.
Feb 25: Added Avira SafeThings to the Resources page in the Coming Soon, Maybe section
Feb 24: Revised the last section of the Pepwave Surf SOHO page, the one about stepping up to higher end Peplink routers.
Feb 23: Revised the intro to the VLAN page (yet again) and the new Shodan page. Intros are hard.
Feb 21: Added a new Shodan Query my Router page
Feb 20: Added two screen shots and made some minor text changes to the Surf SOHO Initial Configuration page.
Feb 19: Revised the intro to the VLAN page
Feb 18: Re-wrote the Ethernet Port section of the VLAN page.
Feb 16: Another bug - Dasan refuses to fix its buggy router
Feb 14: Added a minor Asus router bug from the end of January
Feb 11: Added Netgear router bugs to the bugs page.
Feb 9: Major update to the Consumer Routers page. Also, a major revamp of the home page.
Feb 8: The experience using Google Wifi keeps getting worse.
Feb 6: More proof that routers include old open source components with know security flaws was added to both the bugs and consumer router pages. Also added an article to the Other Security Advice page. At the bottom of the VLAN page, linked to a similar scheme done with Ubiquiti hardware.
Jan 27: A total re-write of the IP Addresses page
Jan 23: Added two bugs to the bugs page and tests of UDP port 9999 for Asus routers to the Test Your Router page.
Jan 22: A number of updates to the Other Router Security Advice page
Jan 14: Added a new section to the Resources page for Add-on Security via Router Firmware
Jan 13: Added article about defaced MikroTik and Ubiquiti Routers to the bugs page.
Jan 4: Updated the Other Router Security Advice page with links to two good articles written yesterday. Updated the VLAN page with a paragraph on Sonos speaker isolation and a Total Reverse topic.
Jan 2: Added an explanation of Access vs. Trunk Ethernet ports to the VLAN page.
Jan 1: Created a new Other Router Security Advice page. This used to be a section on the Resources page.