|Router Security||Website Change Log||
Website by |
April 19: Internal change. The DuckDuckGo search box is no longer statically included in every page. It is now dynamically Ajaxed in on-demand. Added a critical bug in Juniper Junos OS to the Bugs page.
April 18: Added some info about Wi-Fi range extenders to the Additional Thoughts section on the home page. Added the display of Recent Updates at the top of the home page. Added screen shots from four different routers, of the feature to change the WAN MAC address.
April 17: Updated the Secure Routers page. Added Firewalla as an FYI. Demoted Gryphon. Created a new page on Access Points.
April 16: Added a suggestion to change the WAN MAC address to the Long list of security features on the home page.
April 15: Added Fing app as an open port tester on the Test Your Router page.
April 14: Added a new example of consumer router General suckiness to the Consumer Routers page.
April 13: Added two new stories to the Router News page.
April 11: Added a new section on Printing to the VLAN page.
April 10: Editing changes to the IP Address page including a longer explanation of subnet masks.
April 9: Still more critical severe bugs in Cisco software. Added to the News page.
April 7: Added an update about the Ubiquiti breach/lying/cover-up story to the News page.
April 2: Added a downside to the Surf SOHO router - you can not copy the settings over to a higher end Peplink router.
April 1: Added Router News story that the Ubiquiti breach in January 2021 was much worse than they publicly exposed.
March 31: The Secure Routers page has more reasons not to trust Ubiquiti as per a Brian Krebs article. On the Modems page linked to miserable article about the best modems from the WireCutter and the New York Times. Suggested blocking Roku from making outbound TCP port 2350 requests on the Surf SOHO setup page.
March 27: Expanded the long DNS explanation on the Test DNS page. Added a warning about pfSense to the Secure Routers page.
March 25: Updated the WebRTC testers on the Test Your Router page.
March 22: On the VLAN page added a paragraph about sharing a network printer. Updated the bottom of the Consumer Routers page with my comments on the comments of others.
March 21: Added more Cisco bugs. Not really news at this point.
March 19: Updated the Test Your DNS page to note that on Windows, the nslookup command can be fooled as to which DNS server it is talking to. Also added the Windows DNSQuerySniffer program as a way to audit legacy DNS.
March 18: The page on Consumer Routers was mentioned on Hacker News and I added a link on the page to the 190 comments at news.ycombinator.com.
March 17: Added speed estimates for the OpenVPN client on the Surf SOHO router to the page on the Surf SOHO. Also added the there is no WireGuard VPN client for the Surf SOHO.
March 10: New lower opinion of Gryphon on the Secure Routers page. Added Exodus evaluation of GL.iNet Android app to the same page.
March 4: In the page on configuring the Surf SOHO, suggesting using Blacklight as a source of ads/trackers to block.
March 2: Updated the Test Your DNS page with an additional command line test for Windows. Also added dig command for macOS and Linux.
Feb 25: Added SPYSE IP info to the Shodan page.
Feb 23: Added SANS IP info to the Shodan page.
Feb 20: Added GL.iNet as a possible secure router.
Feb 16: Updated a few pages to note that with consumer routers, Guest Wi-Fi networks use the same DNS servers as non-Guest wireless networks and as wired devices.
Feb 14: On the Test Your DNS page added a new section with OS level tests and nslookup.
Feb 12: Updated the Test Your Router page with tests for UDP ports opened by Plex
Feb 10: Added Fortinet and SonicWall bugs to the Bugs page. Added a suggested outbound firewall rule to the Surf SOHO configuration page. Added NAT slipstreaming flaws to the Router News page.
Feb 7: Added a user interface bug to the Downsides section of the Pepwave Surf SOHO page. Updated the stuff to Turn Off page to add that three consumer routers support no Passthroughs and no ALGs.
Feb 6: Minor updates to the Long and Short lists on the home page. Also added ALGs to both the Surf SOHO initial configuration page and the stuff to Turn Off page.
Feb 5: More Cisco bugs added to the Bugs page.
Feb 2: Minor updates to the Pepwave Surf SOHO page.
Jan 27: Added a new downside to the Pepwave Surf SOHO router having to do with IEEE802.1Q and IEEE802.1P to deliver telephone and television service over the same cable as Internet. I don't fully understand it, but it prevented someone from using the Surf SOHO in their country (outside the US).
Jan 26: Updated the Guest Wi-Fi network section of the Security Checklist page. Updated the SSID page with my experience connecting to an SSID with a special character.
Jan 18: Added more Cisco bugs to the bugs page. Added a huge number of security issues with FiberHome routers to the News page. On the web page for the Pepwave Surf SOHO router and on the page for configuring it, I added a note that firmware 8.1.1 is the way to go.
Jan 12: On the Consumer Routers page, added a link to my blog about the misery of a Linksys EA8300 router.
Jan 5: Added lots of new bugs to the Bugs page.
Jan 3: New Router News story about a backdoor account in Zyxel devices
Dec 31: On the Resources page, updated information about the Invizbox 2, a dedicated VPN/Tor router.
Dec 29: Updated the Pepwave Surf SOHO page to reflect new OpenVPN server and client options.
Dec 18: On the resources page, added a new VPN and Tor router, the Beryl (GL-MT1300) from GL.iNet. Also expanded the description of the Inviz Box 2.
Dec 17: Still nothing from Asus about the bug in the Asus RT-AX86U that was made public on Nov 9, 2020. New critical bug in D-Link VPN routers added to the Bugs page.
Dec 11: Updated the Firewalla Gold section of the Secure Routers page.
Dec 10: Added another Adguard DNS tester on the Test Your DNS page.
Dec 2: Added a router hacking new story to the News page.
Nov 27: Added new TCP ports used by new malware to the Test Your Router page. Added an Asus router bug from July 2020 to the Bugs page and used it as yet another example of why not to buy a consumer router on the Consumer Routers page.
Nov 23: Better explanation of configuring outbound firewall rules on the Pepwave Surf SOHO.
Nov 22: Updated the News page with the total silence from Asus about a bug in their router(s). Also added a News story about macOS bypassing VPNs and firewalls.
Nov 17: Added a new example to the WPS page - connecting a Wi-Fi printer with button pushing.
Nov 13: On the News page, I started an audit of when Asus will fix a recently disclosed bug.
Nov 12: Added a section on BAD DNS to the Test Your DNS page.
Nov 11: Added a VLAN topic to the IP Address page.
Nov 9: New bugs added to the Bugs page: at a hacking contest bugs were found in routers from Asus, Netgear and TP-Link. Punched up the IP address page a bit.
Nov 1: In the topic of Outbound Firewall Rules on the page about configuring the PepwaveSurf SOHO, I added a note about blocking IP address 100.115.92.1.
Oct 31: On the Surf SOHO configuration page, in the section on outbound firewall rules, added a real life example of an iPhone calling out to an internal-only IP address.
Oct 30: Added the Netgear Orbi Pro (not the consumer Orbi) to the Mesh Routers page. Added a note to the Surf SOHO page that forcing all connected devices to use known good DNS servers can cripple some malware.
Oct 29: Updated the section on Outbound Firewall Rules in the page on configuring the Pepwave Surf SOHO router.
Oct 28: Updated the Secure Routers page to note that the F-Secure SENSE router has been discontinued. Added a link to the online demo of pcWRT to the Resources page.
Oct 27: Added Wavlink router and Wifi extender flaws to the Bugs page.
Oct 24: Re-wrote the intro of the Shodan page to make it clearer to non-techies.
Oct 23: Added note about faking the WAN MAC address to the page on configuring the Surf SOHO.
Oct 15: Minor update to the list of Firewall Testers on the Test Your Router page. Added Mullvad Conection Check page to the Shodan page.
Oct 14: Added warning that upgrading from a Pepwave Surf SOHO to a Peplink Balance router requires re-doing all config changes. Added a Router News story about upcoming security requirements for routers in Singapore.
Oct 12: Updated the long list of security changes on the website home page.
Oct 9: Added warnings on the two pages about the Pepwave Surf SOHO to not use firmware version 8.
Oct 8: Minor updates to the Shodan page.
Oct 6: On the Pepwave Surf SOHO page, warned people not to use firmware version 8.
Oct 5: Added a News story about bugs in Tenda routers being exploited.
Oct 4: Added a link to my blog on using two routers to the home page.
Sept 28: Added Health Check info to the page on configuring the Pepwave Surf SOHO router.
Sept 23: Updated the Synology review to stress another bad feature that I had omitted. Added new section at the bottom of the home page: You Are Safe Here. Re-wrote the UPnP section of the Long List on the home page. Added a new item to the Long List on the home page - turning off DHCP.
Sept 22: Added a Router News story: Another reason to avoid Netgear hardware. Updated home page Long List to address remote admin via mobile apps.
Sept 21: Updated the Pepwave Surf SOHO page to add that the USB port also works with an Ethernet connection.
Sept 20: Updated Gryphon description on the Secure Routers page.
Sept 17: On the Pepwave Surf SOHO page added warning about latest firmware not being bootable.
Sept 15: On the VLAN page, added an article about configuring VLANs on Ubiquiti devices.
Sept 14: On the Initial Surf SOHO configuration page, updated the topic of scheduling. Daniel Aleksandersen blogged about the state of software on consumer routers. Added it both the News page and the Consumer Routers page.
Sept 13: Two updates to the Pepwave Surf SOHO page. Updated the section on buying the router to warn people away from Amazon. Expanded the description of the step-up model, the Balance 20x.
Sept 11: Updated the VLAN page with more on network isolation with consumer devices. Small change to the topic of extending the Pepwave Surf SOHO router on its page.
Sept 8: The Full list on the home page was not full. Added suggestion to run nmap scan on the LAN side of the router. Also updated the InControl2 section of the page on initial configuration of the Surf SOHO router to note that it can be used to set country-based firewall rules.
Sept 5: Expanded info on DrayTek routers on the Secure Routers page.
Sept 3: Added a router news story about miserable security in Mofi 4G/LTE routers
Sept 2: Added a new reason to like the Pepwave Surf SOHO router, the ability to audit a VPN. Added the Turris Shield firewall to the Secure Routers page.
Sept 1: Updated Vilfo router info on the Resources page.
Aug 31: Updated the Surf SOHO initial configuration page with a tip about sending email from the router.
Aug 20: Updated the links for the Peplink interface demos on the Resources page.
Aug 17: Added a downside to the Surf SOHO router, that the list of attached devices is incomplete
Aug 10: Added whois.domaintools.com to the Shodan page.
Aug 9: Added a new section to the Pepwave Surf SOHO page - Extending the Wi-Fi range
Aug 6: More bugs in Cisco routers and switches.
July 30: Added suggestion to connect both the router and modem to either a surge protector or a UPS to the home page.
July 28: Added a News story about counterfeit networking devices pretending to be from C-Data and Cisco. Also new bugs in D-Link routers added to the Bugs page.
July 26: Yet another Cisco flaw added to the News page.
July 24: On the Mesh Router page added a warning about AmpliFi devices working as an actual mesh system. On the page for configuring the Surf SOHO router, added specific instructions for outbound firewall rules that block a wide range of IP addresses.
July 19: More Cisco bugs added to the Bugs page.
July 18: Added Tenda to the list of shamed router vendors on the Consumer Routers page.
July 15: Added to the bugs page, flaws in a Tenda router that have not been fixed. Added to the News page a story about C-Data networking devices being designed for spying. Added a new Tor/VPN router to the Resources page.
July 7: Added using a firewall to block a device from ever phoning home to the Surf SOHO configuration page.
July 6: Added to the News page a study of 127 routers that found miserable security in all of them.
July 2: Added to the News page that Cisco has some routers vulnerable to the Ripple20 flaws. And also added to the same page a newly revealed, and unrelated, bug in two Cisco VPN routers.
July 1: Added Fresh Tomato open source router firmware to the Resources page.
June 28: Updated the topic on outgoing firewall rules on the Surf SOHO initial configuration page.
June 27: The WPS page now links to a video on how to use a Pixie Dust attack.
June 24: A couple small changes to the Pepwave Surf SOHO page.
June 20: Updated the Others Router Security Advice page to add two stories from Toms Guide. The first recommends a Netgear router for its security, then nine days later, the second story reports that the router has multiple bugs that Netgear has avoided fixing for months. You can't make this stuff up. On the Surf SOHO page, updated the section on buying a Peplink router with more horsepower. Also, finally changed all references to 3G Store to 5G Store to reflect the new company name.
June 17: Updated the story on the Bugs page about six bugs in an ancient D-Link router.
June 16: On the page for the Pepwave Surf SOHO, I added a new downside having to do with CPU usage while copying large files. Added newly found bugs in 79 different Netgear devices to the Bugs page. Updated the Test Your Router page, LAN side URLs to try section, to add the currentsetting.htm page for Netgear routers.
June 14: Updated the Test DNS page to add a NextDNS tester. Updated the Router News page to point out multiple mistakes in the Ars Technica article on the latest UPnP flaw. Added a story to the Bugs page about D-Link not fixing all the bugs in an old but supported router. Totally re-wrote the Monitoring and Reporting section of the Pepwave Surf SOHO page.
June 11: Updated the Pepwave Surf SOHO page with a new paragraph on the URL Logging feature.
June 10: Updated the Router News page with UPnP exploit from June 2017 and June 2020.
June 7: On the Bugs page, updated the story about two Zero Day bugs in DrayTek routers.
June 2: Added a section on the Firewalla Gold router to the Secure Routers page. It is not yet released.
June 1: Added another article on Router Security to the Advice From Others page.
May 29: Updated the Bad Neighbors page with the suggestion to use a foil parabolic reflector.
May 27: Added NextDNS to the Test Your DNS page along with an explainer about the Cloudflare test.
May 25: Updated the page on the Surf SOHO router to note that it is getting harder to buy. Pandemic fallout, no doubt.
May 19: Minor changes to the page on configuring the Pepwave Surf SOHO router.
May 16: Minor changes to the page on configuring the Pepwave Surf SOHO router.
May 15: New favorite icons.
May 10: Minor update to the page on configuring the Pepwave Surf SOHO router.
May 9: Minor updates to the page on configuring the Pepwave Surf SOHO router.
May 1: Updated the description of the Trend Micro Home Network Security box on the Resources page.
April 30: Updated Ruckus information on the secure routers page.
April 27: Added a bug in Sophos XG firewall to the bugs page.
April 26: Minor change to the DNS section of the Configuring the Surf SOHO page.
April 22: Added a Router News story about DNS issues at TalkTalk.
April 20: Added a Router News story
April 7: Updated the bugs page with bugs in OpenWRT and DrayTek routers
April 6: Updated the Surf SOHO initial configuration page to explain some things better, thanks to reader feedback.
April 3: New intro to mesh routers on the mesh router page.
April 2: Improved the introduction to DNS on the Test Your DNS page, including the addition of encrypted DNS. Also updated the Cloudflare tester to note that it does nothing for their new filtering services.
March 30: Updated the VLAN page for firmware version 8 of the Pepwave Surf SOHO router.
March 29: Added a News story about two bugs in DrayTek routers that attackers are exploiting.
March 28: Another router hacking story added to the News page.
March 25: Added News story about DNS hijacking of D-Link and Linksys routers.
March 20: Added WAN Quality monitoring to the page about initial configuration of the Pepwave Surf SOHO router. Also added a new page with an audit trail of Peplink firmware 8.0.2 proving the router does not phone home to spy on you.
March 19: Updated the home page LONG checklist with a new suggestion about Wi-Fi Direct on printers. Updated the Surf SOHO configuration page with more on the process of a factory reset.
March 14: Added two downsides to the Monitoring and Reporting section of the page on the Pepwave Surf SOHO
March 10: Updated the firewall rules configuration for the Pepwave Surf SOHO. Added the nslookup command to the Test Your DNS page.
March 9: Added a new story about an industry flaw that affects multiple router vendors.
March 5: Added a news story: Multiple flaws in multiple Netgear routers.
Feb 29: Added a news story about thousand of Asus routers being hacked.
Feb 26: Added a news story about a Wi-Fi flaw in billions of devices, including some routers.
Feb 13: Added a note that the Pepwave Surf SOHO can only intercept old-style plain text DNS, not the newer DoH and DoT DNS requests.
Feb 12: Added a news story about malware on Windows guessing Wi-Fi passwords.
Feb 9: Added a podcast discussion of travel routers to the News page.
Feb 7: More updates to the Secure Routers page.
Feb 6: Many updates to the Secure Routers page, including much more information about DrayTek.
Jan 29: Updated the Secure Routers page and the News page to note that Ubiquiti has gone over to the dark side.
Jan 22: Added news story about Netgear routers
Jan 21: Updated the coverage of Gryphon and moved it to the Secure Router page.
Jan 19: Updated the Introduction page.
Jan 13: Added Cable Haunt flaw to the Bugs page.
Jan 12: Updated the page on configuring a new router.
Jan 11: Moved comments on suggested secure routers from the home page to its own page.
Jan 6: Added a note to the Pepwave Surf SOHO page that it can indeed be used with Peplink Access Points.
Dec 31: Added more D-Link router bugs
Dec 29: Added multiple bugs in Ruckus Access points to the Bugs page.
Dec 23: Updated the Bugs with the bugs in TP-Link routers. Added a new topic to the Surf SOHO configuration page explaining how to update to new firmware releases while still keeping the older firmware available for fallback or production use.
Dec 22: Updated the section on VPN client routers in the Resources page.
Dec 20: Updated the Google routers page with some info on new Nest routers
Dec 17: Updated the Firmware Updates page with info on upgrading Surf SOHO to firmware 8.0.1. Also updated the Ubiquiti section of the Secure Routers page.
Dec 16: Updated the Pepwave Surf SOHO page to reflect ongoing problems with the router talking to a cable modem.
Dec 4: Updated the Resources page section on additional plug-in security devices, including adding Syfer.
Dec 2: Updated the Secure Routers page with info on the new Ubiquiti UniFi Dream Machine router.
Nov 20: Added two different stories about different bugs in D-Link routers to the Bugs page.
Nov 18: Added an excellent article to the Other Router Security Advice page.
Nov 14: Added a story to the News page about Plume and their ISP partnerships.
Nov 8: Added story about Ubiquiti routers to the News page. Updated the Secure Routers page.
Nov 3: Big updates to the Secure Routers page. Added a news story to the Routers in the News page.
Oct 31: Minor tweaks to the Short List on the home page.
Oct 25: Buggy D-Link routers that will not be fixed. Added a new item to the Bugs page and on the Test Your Router page, linked to a Proof Of Concept tester page.
Oct 22: On the Surf SOHO initial configuration page, added about blocking off a printer from the Internet using a firewall rule.
Oct 19: New section added to the Secure Routers page. Minor changes to the Pepwave Surf SOHO page.
Oct 17: Updated the Mesh Router page about AmpliFi - it has an open TCP port and they ignored my email about it. Also added to the News page a story from August about disabling the public Wi-Fi on Comcast gateways.
Oct 14: Routers still buggy after all these years - new News story about ISE research.
Oct 8: Lots of updates to the Google routers page. Added a bug in D-Link routers to the Bugs page.
Oct 2: Added a section on VPN client software to the Synology page.
Sept 26: Updated the Eero page with information on just-announced 3rd generation models (see the Other Eero Info section).
Sept 25: Updated the description of Firewalla on the Resources page.
Sept 24: minor updates to the Security Checklist page.
Sept 23: Updated News and Bugs pages with info on the WS-Discovery port being opened on the WAN. More Synology updates.
Sept 21: More Synology updates. Updated the description of WPA2 Enterprise in the WPA Encryption page. Moved the discussion of WPA2 Enterprise from the home page to the WPA Encryption page.
Sept 19: Many updates to the Synology page.
Sept 17: Many updates to the Synology page. Added new TCP and UDP scanners to the Test Your Router page.
Sept 13: Created a new page for Synology routers.
Sept 11: Added Ping Reply to the initial setup of the Surf SOHO page. Also added the suggestion to avoid firmware 8.0.0.
Sept 10: Started a new section on the Resources page for Router/Network software. Updates to the Bad Neighbor page. Updated the Surf SOHO page to note the open ports on the LAN side.
Sept 8: Added another LAN side program to test for open ports in a router to the Test Your Router page.
Sept. 5: Added a new page for bad neighbors.
Sept. 3: Updated the description of the Invizbox 2 on the Resources page. Minor change to the Checklist page.
Aug 26: Added a News story about bad Wi-Fi security at WeWork.
Aug 21: Updated the Mesh Router page, yet again, with more on AmpliFi. Also added a new section to the page configuring the Pepwave Surf SOHO - how to create a wireless network for children that cuts off their Internet access at bed time.
Aug 19: Updated the Mesh Router page again with more on AmpliFi. I'm done with them.
Aug 17: Added to the News page a recent botnet detected in the Philippines and Thailand. Also added TCP port 23455 to the Test Your Router page to detect this malware. Updated the Mesh Router page with info on the new VPN feature in AmpliFi routers.
Aug 16: Updated the Bugs page with some obscure bugs allowing data to pass between Private and Guest Wi-Fi networks.
Aug 13: Consumer Reports reviewed 29 routers. The Secure Routers page has a critique of the article. So too does the Router News page. Also added an article about buggy 4G hotspots to the Bugs page.
July 28: Updated Firewalla description in the Resources page.
July 22: Added a review of Disney's Circle to both the News and Resources pages
July 16: On the Consumer Router page, added gripes about the AmpliFi mesh router documentation.
July 15: Updated a few pages to note that QNAP NAS boxes can also serve as a RADIUS server for WPA2 Enterprise.
July 13: Router News - still more DNS Hijacking of routers in Brazil. Its an epidemic.
July 10: Added information about the Nokia Beacon mesh routers to assorted pages.
July 9: More gripes about the Google Wi-Fi app on the Google router page. Added Nokia Beacon to Mesh Routers page.
July 4: More Router News about Cisco.
July 3: D-Link agreed to get their act together in a settlement with the FTC. Added to Router News page.
July 1: Added another UDP port to the Test Your Router page.
June 30: Added bugs in TP-Link Wi-Fi extenders to the Bugs page.
June 20: On the Resources page, in the topic on VPN Routers, added a link to a great article on the subject from RestorePrivacy.com
June 17: Added another Cisco bug to the Bugs page.
June 8: Added some outgoing firewall rules to the page on configuring the Surf SOHO router.
June 7: Added info about Apple Homekit's planned integration with routers to the News page.
May 29: Updated the News page with a test that I ran on my own router. It was attacked/probed a lot.
May 27: Added >Trend Micro Home Network Security to the Resources page (section on Add-On Security Devices) and added warnings about this class of device to the topic heading.
May 25: Updated gripes about the Pepwave Surf SOHO manual not being updated. Added Roqos router to the Resources page.
May 24: Yet more Cisco bugs, including a doozy in their hardware, added to the Bugs page.
May 23: Added the GL.iNet AR750S router to the Resources page as a VPN client router. It has a lot going for it. Added a bug in TP-Link routers to the Bugs page.
May 18: Added a News story about routers being hacked to install Windows malware.
May 16: The latest bug in Windows RDP is yet another example of the defense that can be provided by VLANs. Added to VLAN page.
May 14: Updated the HNAP page, adding a CVE from 2014, sample expoit code from GitHub and the latest HNAP flaw in Linksys routers.
May 13: An information leak bug in 33 Linksys routers added to the bugs page. And, Linksys will not fix it.
May 8: Routers in the news: a router was found in an Airbnb with a peephole and a camera inside it.
May 1: Updated the ISP router page with a story about Sky Broadband in England bricking their customers routers with a firmware update. Also updated the Router News page with yet another critical bug in Cisco hardware.
April 30: New responsive menu bar. This will take time as every page has to be updated.
April 27: Added GreyNoise IP scanner to the Shodan page.
April 26: Added my blog about defending against insecure IoT devices with a router to the News page and Surf SOHO pages.
April 18: Added many Cisco bugs to the Bugs page.
April 11: Added topic of blocking Windows 10 spying on us by blocking Microsoft domains to the page on configuring the Surf SOHO router. Also added links to the many design flaws in WPA3 to the WiFi Encryption page.
April 9: Added 3 bugs in a Verizon Fios gateway to the Bugs page and the ISP routers page. Minor bug in TP-Link routers added to the Bugs page.
April 5: Yet another DNS changer attack added to the News page. Ho hum.
April 4: Added firewall configuration to the page on Initial Config of the Surf SOHO router.
April 2: Added a News story from Sophos about the recently disclosed TP-Link router flaw that everyone should read.
March 31, 2019: Updated the Consumer Router Alternatives section of the Resources page with a mini-PC hardware recommendation.
March 29, 2019: Added a new TP-Link router bug to the Bugs page. It gives great insight into how little TP-Link cares about security. Added TP-Link bugs in the TL-R600VPN router that were reported in November 2018 to the Bugs page. Fixes are supposed to be available, but they are not.
March 28, 2019: Added a Huawei UPnP test for port 37215 to the Test Your Router page and added a News story about miserable security in Huawei routers. And, added a News story with router advice from Readers Digest. Pretty funny.
March 27, 2019: Router news about bugs in a Cisco VPN router.
March 25, 2019: Minor changes to home page.
March 20, 2019: Added news about Talos finding 11 bugs in Cujo.
March 13, 2019: Added a second on-line UPnP tester to the Test Your Router page. More minor updates to the Surf SOHO Configuration page.
March 8, 2019: Minor updates to the Surf SOHO Configuration page.
March 7, 2019: Updated the Other Eero Info section of the eero page with a takedown of an article touting eero. Updated the Stats page. Updated Router News page with a story about buying router bugs.
March 6, 2019: Minor updates to the Surf SOHO Configuration page.
March 3: added a D-Link bug to the bugs page.
March 1: Still more eero updates.
February 28, 2019: Cisco security flaw added to News page. Updated the page on initial configuration of a Surf SOHO.
February 27: Still more eero updates
February 26: Still more eero updates - new section on Wi-Fi Channels and Channel Width. eero bad.
February 25: More Eero updates.
February 24: Many updates to the Eero page.
February 23: I now have an Eero router, so I updated its section on the Mesh Routers page with new observations. Then, I created a new page just for Eero.
February 20: Multiple changes to the Mesh Routers page.
February 17: Updated the pfSense topic on the Resources page.
February 9: New section added to the WPS page: Client Operating Systems and WPS.
February 5: Added to the WPS page that the Netgear Nighthawk X4 R7500 v2 can not disable WPS. Still more Cisco bugs added to the Bugs page.
January 31: The Test Your DNS page started with a long explanation of DNS. Now it defaults to a short intro with an option to see the long explanation.
January 30: Added a story about Cisco Small Business switches with a back door account to the Bugs page. Added a test for TCP port 6 to the Test your Router page as a result of new malware found by Trend Micro. Added a new bullet point to item 22, Monitoring Attached Devices on the Security Checklist page.
January 28: Added a quote about router security from Eric Sauvageau, the man behind the Asuswrt-Merlin firmware to the Other Gripers page. Great great quote from an obvious expert: "I've been saying it for years: its time router manufacturers stop treating routers as gadgets, and start treating them as the security devices they really are. These things are everyones frontline defense on their network. That they also provide wifi is just a by-the-way, not the other way around."
January 28: Added a news story about the Japanese government hacking IoT devices and another story about know bugs in two Cisco routers being targeted. Also added the three Cisco bugs to the Bugs page. Added two Cisco bug tester URLs to the Shodan page and added Cisco bug tester LAN side URLs to the Tester page.
January 22: Updated the Bitdefender Box topic on the Resources page in the add-on security devices section.
January 21: Added Firewalla (not a typo) to the Resources page in the section on add-on security devices.
January 19: Expanded the section on the pcWRT router in the Resources page. Added a bit about Circle parental controls embedded in some Netgear routers to the Resources page.
January 18: On the Resources page, added a note that the Symantec Norton Core router has been discontinued.
January 17: Updated the Privacy section (item 27) of the Security Checklist.
January 16: Updated topic of Remote Administration on the Turn Off Stuff page. Added Wired UK clickbait article to News page.
January 15: On the Pepwave Surf SOHO page, updated the closest competition section with revised information on Draytek and Synology routers. Added Zerodium to the News page wondering about being a lesser target.
January 14: Added News story about Charter/Spectrum offering Cujo sometime in 2019.
January 12: Added Fingbox to the Security Checklist page (item 28) as it can alert you when new devices join the network. Revised and expanded Privacy (item 27) on the Security Checklist page.
January 9: Updated the UPnP section of the Security Checklist.
January 6: Added a News story predicting more router hacking in 2019.
January 2: Modified the Checklist page to note that Netgear does not support HTTPS on the LAN side. Added three more TCP ports to the Tester page as a result of bad guys hacking smart TVs, Chromecasts and Google Home. Added story about hacking these devices to the Router News page.