Router Security Website Change Log Website by     
Michael Horowitz 
Home | Site Index | Bugs | News | Security Checklist | Tests | Resources | Stats | About | Search |
See my Oct 11th blog: Using a router to defend against Xiongmai video devices
 

Changes made to this website

October 2018

October 19, 2018: A Cisco bug added to the Bugs page and a VLANs in the news story added to VLAN page.

October 17, 2018: New D-Link router bugs added to the Bugs page.

October 15, 2018: Added some links to the Turris Omnia page.

October 14, 2018: Minor updates to the IP address page. Updated the security checklist to add whether the router logs every login attempt.

October 13, 2018: Updated the Turris Omni page including adding a new Wi-Fi section.

October 12, 2018: Add GhostDNS to the Router News page. The Shodan page was enhanced to also display Censys.io data for your public IP address.

October 10, 2018: Updated the Test Your Router page to include TCP port 9527 which is used by Xiongmai video devices for a Telnet-like console interface. Updated the Google Wi-Fi page with still more disappointments.

October 9, 2018: Still more updates to the Turris Omnia page and its section on the Firmware Self Updating page. Updated the Test Your Router page with a LAN side URL that detects insecure video surveillance systems made by Xiongmai.

October 8, 2018: Added more MikroTik horrors to the Bugs page and some more Turris Omnia updates.

October 7, 2018: Added the Torii botnet to the Router News Page.

October 5, 2018: Updated the Router News page and the Test page with new information about VPNfilter which might open TCP port 5380.

October 2, 2018: Many updates to the Turris Omnia page. Added a VLAN in the news article to the VLAN page. Updated the page on self-updating firmware with a quote from Robert Graham.

October 1, 2018: Updated the Turris Omnia page.

September 2018

September 30, 2018: Updated the Turris Omnia page to note that it failed testing at Shields Up! Updated the Downsides section of the Pepwave Surf SOHO page with more about the problem connecting to cable modems. Removed the mxtoolbox.com port scanner from the Tests page as the service is no longer offered. Added two TCP ports that MikroTik owners should test to the Tester page.

September 27, 2018: Added news story about routers with many many bugs.

September 26, 2018: Updated the Turris Omnia page.

September 20, 2018: Updated Gryphon router summary on the Resources page.

September 20, 2018: Minor changes to the page on configuring the Pepwave Surf SOHO router

September 18, 2018: After all this time, I added a new security suggestion to the long list on the home page - use a clean browser session.

September 17, 2018: Updated WPA2 Enterprise section on the WPA and WEP page to note that IoT devices may not support WPA2 Enterprise.

September 14, 2018: Minor update to Turris Omnia page about the lights

September 8, 2018: Updated the mesh router page to note that Eero, Gwifi, Velop and AmpliFi do not support WPA2 Enterprise. Also added a section on WPA2 Enterprise the WPA and WEP page. Added a mention on the Surf SOHO page that it supports WPA2 Enterprise.

September 7, 2018: Added two stories to the News page

September 3, 2018: Yet another botnet added to Router News page

September 2, 2018: Updated the bandwidth monitoring screen shots on the Pepwave Surf SOHO page.

August 2018

August 31, 2018: The first two routers that you can talk to were just announced. Updated the Introduction page with a link. Also updated the Surf SOHO page to add that it does monthly bandwidth allowance tracking for an Internet/WAN connection.

August 30, 2018: Updated the Pepwave Surf SOHO page to note that it can now create 16 SSIDs. The old limit was 3.

August 25, 2018: Updated the Pepwave Surf SOHO page to add that it scores well on BufferBloat at DSL Reports.

August 22, 2018: Updated the section on port scanning the WAN interface of a new router on the New Router page.

August 21, 2018: Added a News story that broke a couple weeks ago while I was on vacation. Its much ado about nothing - a new way to crack WiFi passwords. Updated the Pepwave Surf SOHO page to note that fix is finally available for the problem connecting to modems.

August 20, 2018: Expanded the Detecting WPS section of the WPS page, again.

August 19, 2018: Updated the Router News page with a story of the NSA using hacked routers to copy VPN traffic. Expanded the section on Detecting WPS on the WPS page.

August 18, 2018: Updated the WPS page to add that on macOS, WiFi Explorer detects wireless networks that support WPS.

August 17, 2018: Updated Pepwave Surf SOHO page, they do support dynu.com for DDNS. Added pcWRT router to Resources page.

August 16, 2018: Added another gripe about consumer routers. From September 2017 by Robert K. Knake

August 15, 2018: Multiple bugs in multiple TP-Link Wi-Fi Extenders added to the Bugs page

August 14, 2018: Minor updates to the Pepwave Surf SOHO page. Added a Cisco VPN bug from Jan. 2018 to the Bugs page.

August 12, 2018: Added a story about D-Link routers hacked to changed DNS servers to the News page. Added www.whatsmydnsserver.com to the DNS server tester pages on the Test Your Router page.

August 3, 2018: Added a WPA3 topic to the WPA2, WPA, WEP encryption page.

August 2, 2018: Added a new Gotcha section to the IP Addresses page (thanks to reader feedback).

August 1, 2018: A new thing here; some good news. Added note about a new OpenWRT release to the News page. And, added a story about MikroTik routers being hacked at ISPs.

July 2018

July 28, 2018: Added suggestion to turn off QoS to the Turn Off Stuff page as per an article about Netgear routers. Added a couple articles to the Modems page about modems with buggy Puma6 chipsets.

July 24, 2018: More router attacks added to the Router News page

July 22, 2018: Added Intel AMT bugs as another VLANs in the News story to the VLAN page

July 19, 2018: More gripes about the Google Wifi mesh system. New Avira router security product added to News page. A Russian bank lost almost a million dollars due to an outdated router - added to News page.

July 12, 2018: Added a story to the Router News page, a Netgear router hack of FTP led to the leaking of military documents. Added a Juniper bug to the Bugs page.

July 11, 2018: Added a summary of a Linksys Velop review to the Mesh Routers page.

July 8, 2018: Added a VLANs in the News story to the VLANs page. Added new bug fixes to the Bugs page for ADB routers and gateways.

July 7, 2018: Updated text for disabling UPnP on home page. Added a link to the ShieldsUP! UPnP tester to the home page. Added other secure router suggestions to the home page. Added DrayTek as a close competitor to the Surf SOHO router on the Surf SOHO page.

July 5, 2018: Added a link on the home page to my presentation on Router Security from October 2017. Minor tweaks to the home page.

July 4, 2018: Another story about routers being abused in DDoS attacks added to News page.

July 2, 2018: Added note about a future update to the page on configuring the Surf SOHO router

June 2018

June 30, 2018: Added link to Symantec VPNFilter tester page to the Router News page.

June 28, 2018: Updated the Turris Omnia page. Updated the Bugs page with a response from Vilfo to a review of their VPN router.

June 26, 2018: Updated the Turris Omnia page. This will be happening often, each update may not get mentioned here.

June 25, 2018: Linked to a slew of new Netgear patches on the Bugs page. Added a new DNS rebinding attack as another VLANs in the news story to the VLAN page. Updated the Turris Omnia page.

June 24, 2018: Added the Fortigis security device and the Beam router to the Resources page.

June 23, 2018: Added a new page on the Turris Omnia. Not much there, yet.

June 22, 2018: Added comments on the lights of the Surf SOHO router to the And section of its page. Added a gripe about firmware updating a TP-Link access point to the Firmware Update page.

June 21, 2018: Minor update to the section on buying the Pepwave Surf SOHO on its page. Minor update to my recommendation for it on the home page.

June 20, 2018: Added story about D-Link DSL gateways being hacked by the Satori botnet to the Router News page and the Bugs page. Added two new TCP ports to the Tester page because they are used by the latest update to the Satori botnet. Added link to emulator for Turris routers to the Resources page.

June 19, 2018: Minor updates to the Other Gripers page, Bugs page and the Resources page.

June 16, 2018: Added some known modem flaws to the Modems page. Added an eero article to the Mesh Routers page.

June 15, 2018: Added a Router News story about a hacked MikroTik router serving as Command and Control. Also added survey results from Rapid7 showing 453,000 routers with an open Telnet port.

June 14, 2018: Updated the What Can Go Wrong page to include a couple tricks from the VPNFilter malware.

June 11, 2018: Added Recon Sentinel to the list of security devices that be added to a network on the Resources page

June 9, 2018: Updated the beginning of the Surf SOHO Initial Configuration page.

June 8, 2018: Added lots of Cisco bugs to the Bugs page. Coverage of VPNFilter on the news page has been updated a few times the last few days. Added the Netgear R6400 to the list of self-updating routers on the Resources page and the Self Updating Firmware page.

June 2, 2018: Update VPNFilter coverage on the Router News page. Added a test of port 2000 to the Test Your Router page, for VPNFilter which uses it to attack Mikrotik routers. Updated the Firmware Updates page to add the issue of re-installing the same firmware on top of itself - thanks to VPNFilter.

May 2018

May 30, 2018: Better late than never, added coverage of VPNFilter router malware to the News page.

May 29, 2018: Updated the What Can Go Wrong page to add that a router can be permanently disabled by malware, as seen with VPNFilter. More funny Wi-Fi network names added the to the SSID page.

May 28, 2018: Updated the Pepwave Surf SOHO to note that it was resistant to the VPNFilter malware.

May 27, 2018: Updated the avoiding ISP hardware page to mention how Verizon used WEP years after it was know insecure and the FTC went after them in 2014 (and did nothing in the end).

May 26, 2018: Added two more reasons for Comcast customers not use their equipment to the avoiding ISP hardware page. Also added Comcast leaking customer info to the bugs page.

May 24, 2018: Added D-Link router bugs found by Kaspersky to Bugs page

May 22, 2018: Added to the bugs page that British ISP Talk Talk routers are vulnerable to WPS pin code attacks

May 21, 2018: Added flaw in DrayTek routers to both the bugs page and news page. Added WICKED botnet to the news page and updated the Test Your Router page with tests for ports 8443 and 8080 that it attacks.

May 18, 2018: New section on the Resources page for Supposedly Secure routers, those marketed based on their security features

May 17, 2018: Another set of bugs in Cisco software including three critical ones, added to the Bugs page

May 15, 2018: Added article by Imperva to Router News page about UPnP being abused in a new way

May 14, 2018: New article on router security for train operators add to the Other Router Security Advice page. New bugs in Sierra Wireless routers added to the bugs page.

May 12, 2018: Added the suggestion to periodically reboot a router as a way of removing malware to the home page.

May 11, 2018: Updated the Router News and Router Bugs pages. Updated the Resources page to add F-Secure SENSE being offered to router vendors to integrate into their routers.

May 10, 2018: Redid the opening section of the Introduction to Routers page.

May 8, 2018: There is no end to bad articles about router security. Added another to the Other Router Security Advice page. Also updated the firmware update advice on the home page.

May 7, 2018: Not wanting to promote bad articles about router security, the Other Router Security Advice page no longer links to the worst articles, just lists the URL in plain text instead.

May 2, 2018: Added a new bug report that a million routers are vulnerable to two different flaws. Also a new article on hacking MikroTik routers added t o the bugs page.

April 2018

April 30: Added a router in the news story, added a VLAN in the news story to the VLAN page and added another griper to the Other Gripers page. Added an article about being victimized by malicious DNS servers to the What can go wrong page.

April 29: Updated Mesh router page with more details on the downside of cloud based management and a link to an article about evaluating mesh router systems. Added a networking quiz at the bottom of the VLAN page.

April 26: Apple finally came clean and admitted they don't make routers any more. Added to news page. Added two TP-Link bugs to the Bugs page, one from this month, the other from Oct. 2017.

April 25: Added new flaw with ZTE routers used by British ISP Hyperoptic to the Bugs page. Added changing LAN side IP address of the router to the home page. Added more funny SSIDs to the SSID page.

April 24: Added info about a Wi-Fi slowdown bug to the Surf SOHO page

April 23: Updated news page story on UPnProxy, yet again

April 22: Updated news page story on UPnProxy

April 21: Added note about stolen Peplink routers to the Surf SOHO page. Added note about registering a new Peplink router with InControl2 to the setup page for the Surf SOHO. Added a new potential downside to the Surf SOHO page that involves Wi-Fi speed. Added TP-Link Guest Wifi networks to the VLAN page.

April 18: Moved some coverage of router exploitations from the Bugs page to the Routers In The News page. In the page on initial configuration of the Surf SOHO, I added a paragraph about connecting it to an existing router/gateway.

April 16: Updated the What Can Go Wrong page and added two stories about router hacking to the Routers In The News page

April 15: Updated the SSID page and added a news story about the Boston Red Sox. Also updated the VLAN page with more on VLANs that allow the fish to see each other.

April 13: Minor changes to the home page and a new Routers in the news story from The Register

April 12: Added a Router News story about a Chinese city where shops are forced to use government approved routers. Added Nirsoft DNS Query Sniffer as a tester for DNS leaks when using a VPN.

April 11: New web page devoted to Routers in the News. Huge clump of Cisco bugs and attacks on Cisco devices added to the Bugs page. Added TCP port 2000 to the Tester page. And, due to these Cisco bugs, added TCP port 4786 and UDP port 18999 to the Tester page.

April 10: Added the GL.iNet GL-AR750 as a VPN client router on the Resource page

April 6: Added router security gripes by Kirill Shipulin of Positive Technologies to the Other Gripers page

April 2: Modified the Surf SOHO page to note that both OpenVPN client and server are coming to Peplink routers. Also added that the router can easily block all domains that end with "cm" and noted the problems it sometimes has connecting to Arris cable modems.

March 2018

March 29: Added ip.voidsec.com as a WebRTC tester to the Test Your Router page

March 26: Improved the first two paragraphs of the Test Your Router page

March 24: On the Resources page, brought the info on InvizBox up to date

March 21: Added Vilfo router security issues to the bugs page. Also added a Symantec report about UPnP flaws still being abused by bad guys all these years later. Updated the introduction to routers page with a new introduction.

March 20: Add new Vilfo VPN client router to the Resources page

March 18: Updated the WPS page to include a push button attack from the kid next door.

March 17: Changed text on the home page in a number of areas. Added warning about buying used routers. Added a US Government report to the What can go wrong page.

March 16: The bugs page was getting too big, so bugs from 2016 have been moved to their own page.

March 15: There seems to be a rash of DNS hijacking of Asus routers. Added to bugs page.

March 10: Modified the Surf SOHO page and the page on initially configuring it, to clear up confusion about uBlock origin and disabling Wi-Fi.

March 9: Added spyware operation that abused MikroTik routers to the bugs page. Minor additions to the Surf SOHO page. Also updated the Other Gripers page with a couple new quotes.

March 2: Added a new Additional Thoughts section to the home page. Also updated the What Can Go Wrong page with a story aobut routers that were hacked last month at the Olympics.

February 2018

Feb 26: Updated the Downsides of the Surf SOHO with screen shots of Bandwidth Control. Also updated the Resources page to note that Gryphon routers just started shipping.

Feb 25: Added Avira SafeThings to the Resources page in the Coming Soon, Maybe section

Feb 24: Revised the last section of the Pepwave Surf SOHO page, the one about stepping up to higher end Peplink routers.

Feb 23: Revised the intro to the VLAN page (yet again) and the new Shodan page. Intros are hard.

Feb 21: Added a new Shodan Query my Router page

Feb 20: Added two screen shots and made some minor text changes to the Surf SOHO Initial Configuration page.

Feb 19: Revised the intro to the VLAN page

Feb 18: Re-wrote the Ethernet Port section of the VLAN page.

Feb 16: Another bug - Dasan refuses to fix its buggy router

Feb 14: Added a minor Asus router bug from the end of January

Feb 11: Added Netgear router bugs to the bugs page.

Feb 9: Major update to the Consumer Routers page. Also, a major revamp of the home page.

Feb 8: The experience using Google Wifi keeps getting worse.

Feb 7: Added a VLANs In The News story to the VLAN page. Added Synology to the Firmware Self Updating page.

Feb 6: More proof that routers include old open source components with know security flaws was added to both the bugs and consumer router pages. Also added an article to the Other Security Advice page. At the bottom of the VLAN page, linked to a similar scheme done with Ubiquiti hardware.

January 2018

Jan 27: A total re-write of the IP Addresses page

Jan 23: Added two bugs to the bugs page and tests of UDP port 9999 for Asus routers to the Test Your Router page.

Jan 22: A number of updates to the Other Router Security Advice page

Jan 14: Added a new section to the Resources page for Add-on Security via Router Firmware

Jan 13: Added article about defaced MikroTik and Ubiquiti Routers to the bugs page.

Jan 4: Updated the Other Router Security Advice page with links to two good articles written yesterday. Updated the VLAN page with a paragraph on Sonos speaker isolation and a Total Reverse topic.

Jan 2: Added an explanation of Access vs. Trunk Ethernet ports to the VLAN page.

Jan 1: Created a new Other Router Security Advice page. This used to be a section on the Resources page.






Top 
This page was last updated: October 19, 2018 9PM CT     
Created: November 21, 2015
Viewed 16,180 times since November 21, 2015
(15/day over 1,065 days)     
Website by Michael Horowitz      
Feedback: routers __at__ michaelhorowitz dot com  
Changelog
Copyright 2015 - 2018