  • Routers with a Linux OS: how safe they are and other questions.

      • #2288740 Reply
        OscarCP
        AskWoody Plus

        I am starting this thread to continue a discussion that began on another one started by CADesertRat here ( #2288384 ) and dedicated to a recently discovered malicious bug, probably engineered by hackers working for a nation-state government and meant to be used to attack Linux-running computers:

        FBI and NSA expose new Linux malware Drovorub

        The discussion more or less branched out into a sub-thread on how vulnerable to this bug may be those routers used at home (particularly now that so many are working from home), or by small businesses, that have some distro of Linux as the operating system. With the additional question, asked by Moonbear, of how does one know if one’s router is running Linux, in the first place.

        Fortunately, the bug is only a danger to those computers running Linux with a version of the kernel earlier than 3.7; but that is helpful as long as one knows how to find out if: (a) one’s router’s OS is a Linux distro and, if so, (b) how to make sure one has a safe kernel no earlier than 3.7 and, if not, (c) how to replace the kernel with one more recent and, therefore, safe from this bug.

        There is this rather long list of Linux used in routers that I found in Wikipedia:

        https://en.wikipedia.org/wiki/List_of_router_and_firewall_distributions

        And here is one review of free Linux distros for routers:

        https://teklager.se/en/best-free-linux-router-firewall-software-2019/

        None of this exhausts this topic, so I hope others might be interested enough to add some useful information here.

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

        3 users thanked author for this post.
      • #2288762 Reply
        Alex5723
        AskWoody Plus

        how does one know if one’s router is running Linux, in the first place.

        ALL routers run “linux”. Many are never updated and lack basic security and can be hacked.
        Most home routers lack simple Linux OS hardening security

        Would you know if your Wi-Fi router’s been hacked?

        4 users thanked author for this post.
      • #2288764 Reply
        Fred
        AskWoody Plus

        I am starting this thread to continue a discussion that began on another one started by CADesertRat here ( #2288384 ) and dedicated to a recently discovered malicious bug, probably engineered by hackers working for a nation-state government and meant to be used to attack Linux-running computers: FBI and NSA expose new Linux malware Drovorub

        For sure this is not the first “bug”, and now for the common people disposed publicly. The whole problem of vulnerability is a multi-headed monster, and living for a long time already.
        To combat that monster is making sure that staff members of society-critical organisations are working more safely, and use computers that are hardened in a different and better way than before.
        Awareness of dangers probably is one of the most important items to start with. Keeping your data safe is becoming quite a serious job. Using (home-)”computers that are used in working from home”, and that are “more” safe is becoming quite an art/challenge in computing-administration, but is very well and good possible and has already been done.
        The problems that are spoken of here are all important, and make common people aware. The multi-headed monster in the old Greek sagas grew a new head every time. Now in our world the crook-monster grows new heads every time too.
        I am curious how people in this forum and group are dealing with this.

        ~ ~ ~
        1 user thanked author for this post.
      • #2288824 Reply
        Rick Corbett
        AskWoody_MVP

        IMO this is a very good question for those of us with ISP-provided (and locked down) routers.

      • #2288828 Reply
        Charlie
        AskWoody Plus

        My DSL Modem/Router is 10 + years old.  Does anyone know how old a Linux kernel 3.6 is?  Is there a way to find out?

        Win 7, Sandy Bridge 3.3GHz, Linux Mint 19.1, Klaatu barada nikto

        2 users thanked author for this post.
      • #2288833 Reply
        CADesertRat
        AskWoody Plus

        My router is older than your setup. Kernel version history:

        Linux-version-history

        Found here: Wikipedia

        (at the bottom of the page)

        Don't take yourself so seriously, no one else does 🙂
        4 Win 10 Pro at 1909 (3 Desktops, 1 Laptop).

        3 users thanked author for this post.
        • #2288866 Reply
          CADesertRat
          AskWoody Plus

          My old router was bought in 2006/2007 time frame so it probably has kernel 2.6.0.

          I think the last firmware update available (which I did) was in early 2008 but I don’t have a clue what it changed. Bottom line is that I’m sure I do not have 3.7 although I wouldn’t know where to look to confirm, other than the chart I posted above.

          Don't take yourself so seriously, no one else does 🙂
          4 Win 10 Pro at 1909 (3 Desktops, 1 Laptop).

          1 user thanked author for this post.
      • #2288840 Reply
        OscarCP
        AskWoody Plus

        According to another article in Wikipedia:

        https://en.wikipedia.org/wiki/Linux_kernel

        On 11 December 2012, Torvalds decided to reduce kernel complexity by removing support for I386 processors, making the 3.7 kernel series the last one still supporting the original processor. The same series unified support for the ARM architecture processors.

        So my router, being a model that came well after 2012, probably has for its OS a version of Linux with a kernel that is 3.7, or later.

        Now the question remains: how does one know what kernel is one’s router blessed with?

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

        • #2288855 Reply
          Moonbear
          AskWoody Lounger

          I have a feeling that this will turn out to be the billion dollar question.

        • #2288918 Reply
          anonymous
          Guest

          Nmap (nmap.org) can accurately guess the version of a router’s Linux kernel or other operating system.

          1 user thanked author for this post.
      • #2288841 Reply
        Paul T
        AskWoody MVP

        I have not yet seen how the Drovorub malware installs, so we may be discussing this prematurely.

        What you can do is run basic tests.

        Open Ports: GRC
        Possible hacks: F-Secure

        cheers, Paul

        2 users thanked author for this post.
        • #2288849 Reply
          OscarCP
          AskWoody Plus

          Paul_T: I appreciate your advice, which is also timely. Now, to make clearer something that might need to be explained explicitly: This thread is not about the Drovorub malware (there is one already in AskWoody dedicated to that and I have given a link to it in my original comment), but about the safety of Linux-running routers in general. The bug that you mention is something I have used to explain, in my original comment at the top of this thread, why it was that I had started this thread. Now it has cropped up here again, as it is a matter of serious concern, particularly for those of us working at home, because it is a concrete (and worrying) example of a Linux core-related vulnerability. Anyone who wants to discuss this bug in more detail, please do so in that other thread dedicated to it.

          Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

        • #2288923 Reply
          OscarCP
          AskWoody Plus

          Thanks, Paul_T. I have tried both sites. F-Secure has reassured me that my router has “no issues.” In GRC I found what seems useful information about the safety of my Internet connection. I have to check from time to time there, to see if my IP is fixed or not (it used not to be fixed, but I have not checked this in years).

          Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

      • #2288873 Reply
        Biiljoy
        AskWoody Lounger

        If the router has ssh you could sign into it and run uname to find the kernel version.  Firmware attack is hardcore.  To say you are vulnerable if you have a lower kernel sure, but I mean there are millions of devices open to Meltdown and Spectre and you don’t see those firmware attacks in the wild that much.  Obviously don’t have too old hardware if you have firmware attacks as a threat you’re worried about.  But lots of things use old Linux and there are even machines like ATMs that use a kiosk version of Windows XP.  Lots of embedded OSes are never updated.

        1 user thanked author for this post.
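
Added example, not part of the post above: one way to turn the `uname -r` output mentioned there into an answer to this thread's "3.7 or later?" question. It assumes the router offers a shell over SSH; the function names `kernel_at_least` and `check_release` and the sample release strings are made up for illustration.

```shell
#!/bin/sh
# Compare a kernel release string (as printed by `uname -r`) against the
# 3.7 threshold discussed in this thread. Works in a plain POSIX sh.

# kernel_at_least RELEASE MAJOR MINOR
# Returns 0 if RELEASE >= MAJOR.MINOR, 1 if it is older,
# 2 if RELEASE does not start with "digits.digits".
kernel_at_least() {
    release=$1
    want_major=$2
    want_minor=$3
    # Keep only the leading "major.minor"; patch levels and vendor
    # suffixes such as "-vendor" or "+" do not affect the comparison.
    base=$(printf '%s\n' "$release" |
        sed -n 's/^\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p')
    [ -n "$base" ] || return 2
    major=${base% *}
    minor=${base#* }
    if [ "$major" -gt "$want_major" ]; then return 0; fi
    if [ "$major" -lt "$want_major" ]; then return 1; fi
    [ "$minor" -ge "$want_minor" ]
}

# check_release RELEASE: print a one-line verdict for the 3.7 threshold.
check_release() {
    rc=0
    kernel_at_least "$1" 3 7 || rc=$?
    case $rc in
        0) echo "$1: 3.7 or later" ;;
        1) echo "$1: older than 3.7" ;;
        *) echo "$1: unrecognised release string" ;;
    esac
}

# Constructed sample release strings (not taken from any real device).
# On the router itself the call would be: check_release "$(uname -r)"
for r in "2.6.22.19-vendor" "3.6.11" "3.10.14+" "4.14.180-generic"; do
    check_release "$r"
done
```

The comparison only looks at the major and minor numbers, so a vendor kernel that reports an old version but carries backported fixes will still be reported as older than 3.7.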
      • #2288886 Reply
        OscarCP
        AskWoody Plus

        The other thread that Paul_T has referred to ( #2288854 ) has what might be some answers to questions (b), (c) and (d) in my original comment, but they are not encouraging.

        This Wikipedia article about open source Linux router firmware might be of interest here:

        https://en.wikipedia.org/wiki/List_of_router_firmware_projects

         

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

      • #2288902 Reply
        Rick Corbett
        AskWoody_MVP

        My DSL Modem/Router is 10 + years old. Does anyone know how old a Linux kernel 3.6 is? Is there a way to find out?

        A Google search shows that Linux 3.6 was released on 30 Sep 2012.

        Hope this helps…

        2 users thanked author for this post.
        • #2288907 Reply
          OscarCP
          AskWoody Plus

          See also the Wikipedia article on Linux kernels linked here: #2288840 .

          It is starting to look, at least for me, from what I’ve read in the thread mentioned by Paul_T, that one may really need a router meant for enterprise networks, not one of those provided by ISPs for home use, to be able to install the up-to-date Linux firmware of one’s choosing. And, even then, doing this might not be an easy-peasy, no worries kind of procedure, particularly for non-experienced people.

          So, home and small business router users: let’s don’t worry and be happy?

          Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

          1 user thanked author for this post.
      • #2288910 Reply
        Rick Corbett
        AskWoody_MVP

        It is starting to look, at least to me, that one needs a router for enterprise networks, not one of those provided by ISPs for home use

        I almost agree. I think it shows that locked-down ISP-provided home routers do not give end-users the control that they may wish over the security of their own internal network(s)… so a piggy-backed additional router almost becomes de rigueur.

        3 users thanked author for this post.
      • #2288952 Reply
        Fred
        AskWoody Plus

        Thank you! That’s right: ISP-provided home routers INTENTIONALLY do not give end-users the control that they may wish over the security of their own internal network(s), so not as a rigueur but very true it’s needed to use your own router additionally to make the own network a little bit safer to protect against the “normal crooks”.

        There are “1001” fairytales to tell by many to create more awareness of protection and privacy.

        ~ ~ ~