Old Router Question

Topic

New Reply

I have an old wired router that I meant to replace before everything got locked down. I got a firmware update before end of support and the router still works fine.The firewall still logs blocked packets and I have turned off unneeded services/options.

Every so often I would log in check things out and change the password or even factory reset it. I have never had a problem with it and find it useful because I can quickly disconnect from the Internet just by pulling out a wire rather than touching my modem.

Is there anything else I can do to “harden” the router?

Reply | Quote

Replies

Well that obviously depends on exactly what kind of router it is and what it does…

It’s very different between a “home” router (single uplink, no static routes), “small branch business” (single uplink, static VPNs to other branch sites through said single uplink), or an “enterprise” model (multiple uplinks, possibly multiple VPNs, load balancing / auto failover / …) and that’s not getting into any needed services on it (DHCP maybe).

Also your ISP may have requirements. Mine really doesn’t like it if I block TR-069, for example.

Reply | Quote

It’s a d-link. Single user, home computer, nothing else on the network. I turned off ping response but left DHCP (I think) and one or two others the manual warned may cause issues with ISPs.Remote management has always been turned off.

As for advanced options like port blocking I stuck to the defaults because I am not familiar with that aspect and not sure what the ISP wants. According to shieldsup my ports are stealthed except for 113 that is marked closed. I’m not sure what my ISP blocks if anything but the readings probably are due to my router.

Reply | Quote

The main vulnerability you need to worry about with a router is people hacking in wirelessly. Since your router is only wired, not wireless, I think you are pretty safe, now that you have done a firmware update.

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

Reply | Quote

Thanks. I was thinking that even though the firmware update was old (2007) the router is wired and with all the fancy options (battle.net, other utilities, and virtual server) are turned off that things would be fairly safe.

 

Reply | Quote

Not sure how old your router is but you said you got a firmware update recently so it can’t be too old. How do you have your security set?

My router is realllly old. A Linksys WRT 54G v.5 and the last firmware update for it was in about 2008. I’m out in the sticks with WPA2 Personal AES set so I’m not too worried about a drive-by getting into things.

Don't take yourself so seriously, no one else does 🙂
All W10 Pro at 22H2,(2 Desktops, 1 Laptop).

1 user thanked author for this post.

Myst

Reply | Quote

I don’t know the age but the firmware is from 2007 just before EOS. The reason I stuck with it is it just works – to the point I sometimes forget its there. The last time I went into shop for one there were so many choices but all of them were wireless by default and many had been panned in security reviews.

For security: no server options, no utilities with open ports, no remote access, strong passwords. Basically, the default settings with a few things locked up tighter and I haven’t opened anything.

Reply | Quote

[bratkinson]

Maybe 10 years ago, perhaps longer, I switched my Linksys router to DD-WRT firmware rather then the firmware that came with the router.  It’s worked flawlessly.

Roughly 2 years ago, I upgraded my router with another Linksys to get one that provides 802.11AC WiFi connectivity (the fastest), and immediately put DD-WRT on it.  It’s still working flawlessly.  I have 2 computers wired to it with connections for a 3rd, as I sometimes fix others’ computers.

Not only is DD-WRT completely free, they also keep up with new models when they’re introduced as well as update the firmware for older routers if needed.  Give them a look:

https://dd-wrt.com/

 

• This reply was modified 3 years, 5 months ago by bratkinson.

Reply | Quote

DD-WRT is not for the faint hearted, but it is very powerful – I use it to separate my IoT devices from my computers and also have a guest wifi network that isolates the guests from each other as well as the my network.
DD-WRT also tends to make the router slower than the original firmware.

cheers, Paul

Reply | Quote

Interesting site. My router is not listed and some later similar models say “not possible”. other people have better luck though.

Reply | Quote