Home Router (in)security
by taylorkh from LinuxQuestions.org on (#5S45R)
Typical home routers are notorious for poor security, out of date firmware etc. About 4 years ago my ISP (Centurylink) told me that I needed to upgrade my DSL modem/router as the one I had was out of date and would not work properly (it worked fine then and still does). They sent me a replacement. The firmware was up to date per their web site. I was able to connect to it with telnet from the LAN side and found an ANCIENT Linux kernel and the versions of several networking related packages had vulnerability lists as long as my arm.
The ISP's "tech" support claimed 1) that routers do not have operating systems and 2) the manufacturer (Zyxel) was responsible for upgrades. I had already spoken with Zyxel and they told me the firmware on the router was Centurylink specific and Centurylink, not Zyxel was repsonsible for it. That said...
I am wondering if I would be better off running the modem/router in bridged mode to a Linux box and use the Linux box as my router, gateway, dhcp, firewall? At least I could keep the software on it up to date. Looking for advice.
TIA,,
Ken
The ISP's "tech" support claimed 1) that routers do not have operating systems and 2) the manufacturer (Zyxel) was responsible for upgrades. I had already spoken with Zyxel and they told me the firmware on the router was Centurylink specific and Centurylink, not Zyxel was repsonsible for it. That said...
I am wondering if I would be better off running the modem/router in bridged mode to a Linux box and use the Linux box as my router, gateway, dhcp, firewall? At least I could keep the software on it up to date. Looking for advice.
TIA,,
Ken