Author Topic: recommended router?  (Read 1707 times)

Case

  • Pencil Stache
  • ****
  • Posts: 749
recommended router?
« on: October 18, 2018, 10:49:48 AM »
Can anyone recommend a router?  I am about to move to northern Delaware... haven't figured out the internet provider yet, but I'm assuming I'll not want to use the default router that is provided...

DavidDoes

  • 5 O'Clock Shadow
  • *
  • Posts: 54
  • Location: Seattle, WA
Re: recommended router?
« Reply #1 on: October 18, 2018, 12:40:51 PM »
It's expensive, but we haven't touched our ASUS router since I set it up almost three years ago.

CoffeeR

  • Stubble
  • **
  • Posts: 194
  • Location: Southwest
Re: recommended router?
« Reply #2 on: October 18, 2018, 12:48:59 PM »
I presume you mean wireless router. If not, please clarify.

Depends on how much money you want to spend, what kind of functionality you want and what coverage you need. I have the Asus AC1900 ($140 at Amazon) and it works well though I no longer use the router capabilities (I use it as a dumb access point). If I were in the market for a nicer/newer model wireless router I would go with the Asus AC2900 @ $180. I see very little reason and benefit to going even higher end then this and you will likely no get better coverage regardless of the advertising. For better coverage use multiple wireless routers perhaps in a mesh setup.

If you want to save money, some of the lower priced TP-Link models will probably work just fine.

ketchup

  • Magnum Stache
  • ******
  • Posts: 3947
  • Age: 28
Re: recommended router?
« Reply #3 on: October 18, 2018, 12:52:40 PM »
If you want to save money, some of the lower priced TP-Link models will probably work just fine.
+1

I bought a $60 simple TP-Link a few years back and it's been solid.  Could easily pull 400mbps over 5Ghz at reasonable ranges.

If you want extra fun and geekery, pick up some Ubiquiti gear (probably a USG and a couple APs) and customize the fuck out of it.

sol

  • Walrus Stache
  • *******
  • Posts: 8492
  • Age: 42
  • Location: Pacific Northwest
Re: recommended router?
« Reply #4 on: October 18, 2018, 12:58:36 PM »
If you want to save money, some of the lower priced TP-Link models will probably work just fine.

I agree, but so far I've been shocked that mustachians have recommended a bunch of routers that cost over $50.  Do you all drive BMWs, too?

There are multiple Wireless N routers for $19.99 that will do 300 Mbps, like the TP-Link N300.  If you spend more than $25, you're getting taken for a ride. 

neo von retorch

  • Magnum Stache
  • ******
  • Posts: 3340
  • Location: SE PA
    • Fi@retorch - personal finance tracking
Re: recommended router?
« Reply #5 on: October 18, 2018, 01:00:54 PM »
Case

We have a TP-Link Archer C7. Lately this has been showing up on sale at Amazon and B&H for $50-60. It's nothing fancy and it's not bullet proof. But it's probably plenty.

Also - once you decide on an ISP, circle back, as you might be on the hook for renting a modem, but you can usually buy one for $40-60 and save a bunch each month on rental. (Most rentals are combo modem/routers, but if you only buy a router, you might still need to rent. Modern FiOS does not require a modem, but most (all?) cable internet still does.)

rugorak

  • Bristles
  • ***
  • Posts: 382
Re: recommended router?
« Reply #6 on: October 18, 2018, 02:17:04 PM »
I'm an IT nerd. I do it for a living, so I can tend to be picky. Ultimately like most things you can go insane with it if you want. I did spend quite a bit compared to most on my router, but I also used my last router for 15 years. And I plan on using my current one as long.

I wanted a router that could do DD-WRT. It is open source firmware. I also wanted the latest hardware so I could get as much life out of it as possible.

If you are like most people a cheap $50 or less router will do. Hell an old Linksys WRT54G or WRT54GL will work. The GL is what I had. Still works fantastic except the radio could only do B/G. I quick search and you can get one of those for about $30 new. Just make sure the vendor is decent and puts out firmware updates frequently enough to fix bugs/vulnerabilities. And honestly if you are buying it today and want it to last make sure it can do AC. N is older already and if you are like most of us

And as others said make sure that you are not going to be paying for it anyway. I bought my cable modem years ago and therefore do not have to pay for either. But some ISP's make you. If you are geeky like me you wouldn't want it anyway as I like to be able to tweak it and lock it down. But if you aren't like that you really won't care.

tyler2016

  • Stubble
  • **
  • Posts: 117
    • Tyler's Guides
Re: recommended router?
« Reply #7 on: October 18, 2018, 06:21:38 PM »
IT guy here.

I would buy something cheap that you can load OpenWRT https://openwrt.org on. OpenWRT is generally much better than the crappy software most cheap routers come with. I have a cheap TP LINK. With the factory software, I had to reboot it regularly, it would stop working with the microwave on, and it was slow. I don't mean slow as in can't stream 4k video, but slow as in when working remotely, even my command line sessions with tiny bits of text would become almost unusable. OpenWRT fixed all of those problems.

Case

  • Pencil Stache
  • ****
  • Posts: 749
Re: recommended router?
« Reply #8 on: October 18, 2018, 07:26:32 PM »
Can anyone recommend a router?  I am about to move to northern Delaware... haven't figured out the internet provider yet, but I'm assuming I'll not want to use the default router that is provided...

Thank you all for the info!
Currently looking at Verizon FiOS.  Although I don't necessarily want to go with a company like that, they are relatively inexpensive, even after the one year price hike.  Main drawback is you need to get their modem.... I think.  I might did in to see if this is truly required.

MrSal

  • Pencil Stache
  • ****
  • Posts: 865
Re: recommended router?
« Reply #9 on: October 18, 2018, 09:18:38 PM »
It's expensive, but we haven't touched our ASUS router since I set it up almost three years ago.

T-mobile website is selling their cellspot router for 39$... It's just a rebrand of the acclaimed asus RT68U aka Asus AC1900... It goes for 180$.

You can buy the t mobile one for 39$ and save 140. It's the best router you can have especially for only 40$

Daley

  • Magnum Stache
  • ******
  • Posts: 3957
  • Location: Cow country. Moo.
  • Got that mustache feeling.
Re: recommended router?
« Reply #10 on: October 18, 2018, 09:49:15 PM »
It's expensive, but we haven't touched our ASUS router since I set it up almost three years ago.

T-mobile website is selling their cellspot router for 39$... It's just a rebrand of the acclaimed asus RT68U aka Asus AC1900... It goes for 180$.

You can buy the t mobile one for 39$ and save 140. It's the best router you can have especially for only 40$

It's listed at $50 on my end. It's a shame about the firmware, though.

neo von retorch

  • Magnum Stache
  • ******
  • Posts: 3340
  • Location: SE PA
    • Fi@retorch - personal finance tracking
Re: recommended router?
« Reply #11 on: October 19, 2018, 05:07:10 AM »
Most modern FiOS installations end with a Cat5e Ethernet cable. They will try to sell or rent you their expensive Quantum router but you don't need it. Just get your own WiFi Gigabit router.

MrSal

  • Pencil Stache
  • ****
  • Posts: 865
Re: recommended router?
« Reply #12 on: October 19, 2018, 05:09:04 AM »
It's expensive, but we haven't touched our ASUS router since I set it up almost three years ago.

T-mobile website is selling their cellspot router for 39$... It's just a rebrand of the acclaimed asus RT68U aka Asus AC1900... It goes for 180$.

You can buy the t mobile one for 39$ and save 140. It's the best router you can have especially for only 40$

It's listed at $50 on my end. It's a shame about the firmware, though.

Coupon CPOROUT brings it to 39,95 :)

As for firmware, you can flash it back to original. Plenty of tutorials around. The only thing that is missing is the mesh capability... For normal users I think it's fine

Daley

  • Magnum Stache
  • ******
  • Posts: 3957
  • Location: Cow country. Moo.
  • Got that mustache feeling.
Re: recommended router?
« Reply #13 on: October 19, 2018, 06:54:07 AM »
As for firmware, you can flash it back to original. Plenty of tutorials around. The only thing that is missing is the mesh capability... For normal users I think it's fine

Except the bootlader has been locked now, features specifically deactivated, and distribution of the firmware necessary to sideload other firmware falls into a legally gray area in the United States with licensing and the more useless bits of copyright and radio spectrum laws... plus, the default firmware has its own problems, and it's designed to serve T-Mobile first, not its "owner".
« Last Edit: October 19, 2018, 06:56:51 AM by Daley »

BigRed

  • Stubble
  • **
  • Posts: 200
  • Age: 43
  • Location: NJ
Re: recommended router?
« Reply #14 on: October 19, 2018, 11:36:34 AM »
Case

We have a TP-Link Archer C7. Lately this has been showing up on sale at Amazon and B&H for $50-60. It's nothing fancy and it's not bullet proof. But it's probably plenty.

Also - once you decide on an ISP, circle back, as you might be on the hook for renting a modem, but you can usually buy one for $40-60 and save a bunch each month on rental. (Most rentals are combo modem/routers, but if you only buy a router, you might still need to rent. Modern FiOS does not require a modem, but most (all?) cable internet still does.)

Any recommendations for Cable Modems?

CoffeeR

  • Stubble
  • **
  • Posts: 194
  • Location: Southwest
Re: recommended router?
« Reply #15 on: October 19, 2018, 12:54:33 PM »
Any recommendations for Cable Modems?
I use ARRIS cable modems. Make sure, that you get a cable modem that handles the speed you need (and pay for). So the number of downstream channels is usually 4,8,16,24,32 and the number of upstream channels is usually 4,8 and so on. make sure the cable modem is at least a DOCSIS 3.0 (most/all new ones are these days). DOCSIS 3.1 is available but more expensive.

The number of channels determines the maximum upload and download speed. For example, a 16x4 DOCSIS 3.0 cable modem has 16 downstream channels for a max download speed of about 600+ Mbps and upload of speed of about 100+ Mbps. In general the fewer the channels the lower the cost of the cable modem. Note your ISP has to provision those channels! The channels on the cable modem just determine the maximum speed the cable modem is capable of and will determine the maximum download/upload speed you can purchase from your ISP. Make sure your ISP supports the cable modem you wish to purchase (they generally do).
« Last Edit: October 19, 2018, 07:52:46 PM by CoffeeR »

JLee

  • Walrus Stache
  • *******
  • Posts: 5557
Re: recommended router?
« Reply #16 on: October 19, 2018, 12:57:06 PM »
If you want to save money, some of the lower priced TP-Link models will probably work just fine.

I agree, but so far I've been shocked that mustachians have recommended a bunch of routers that cost over $50.  Do you all drive BMWs, too?

There are multiple Wireless N routers for $19.99 that will do 300 Mbps, like the TP-Link N300.  If you spend more than $25, you're getting taken for a ride.

lol.  I have a Ubiquiti Unifi USG, 8 port POE switch, and Unifi AC Pro access point managed via Cloud Key. I run multiple SSIDs across two apartments in my building.

It was more than $25. It's also 100% rock solid stable and will run basically forever without instability, hiccups, or reboots.

Most modern FiOS installations end with a Cat5e Ethernet cable. They will try to sell or rent you their expensive Quantum router but you don't need it. Just get your own WiFi Gigabit router.

If you're getting gigabit FIOS, buying a cheap router is silly because you're not going to see the speeds you're paying for.  The Quantum router does a surprisingly good job for being an ISP-provided device.

If you have 100Mbps FIOS, then yeah - you can pretty much use anything.
« Last Edit: October 19, 2018, 12:58:47 PM by JLee »

CoffeeR

  • Stubble
  • **
  • Posts: 194
  • Location: Southwest
Re: recommended router?
« Reply #17 on: October 19, 2018, 01:04:46 PM »
If the OP were the kind of person that would flash router firmware and use POE I am not sure they would have posted the question they did. I have a dedicated pfSense router and somebody else I am sure has a Cisco ASR edge router in their home. Are these the kind of solutions you would recommend to your non-tech family and friends *if* you are not the one setting it up and maintaining it?
« Last Edit: October 19, 2018, 07:48:46 PM by CoffeeR »

JLee

  • Walrus Stache
  • *******
  • Posts: 5557
Re: recommended router?
« Reply #18 on: October 19, 2018, 01:20:54 PM »
If the OP were the kind of person that would flash router firmware and use POE I am not sure they would have posted the question they did. I have a dedicated pfSense router and somebody else I am sure has Cisco ASR edge router in their home. Are these the kind of solutions you would recommend to your non-tech family and friends *if* you are not the one setting it up and maintaining it?

The Verizon router is surprisingly good -- for a FIOS install, I would strongly consider just buying that.

For non-tech people, I usually defer to Wirecutter's recommendations, likely the TP-Link Archer A7 in this case: https://thewirecutter.com/reviews/best-wi-fi-router/

Case

  • Pencil Stache
  • ****
  • Posts: 749
Re: recommended router?
« Reply #19 on: October 21, 2018, 09:58:33 AM »
If the OP were the kind of person that would flash router firmware and use POE I am not sure they would have posted the question they did. I have a dedicated pfSense router and somebody else I am sure has a Cisco ASR edge router in their home. Are these the kind of solutions you would recommend to your non-tech family and friends *if* you are not the one setting it up and maintaining it?

This is correct, i have no idea what you guys are talking about.

I could learn more about modems, but can only learn so many things with available time, therefore going for the most efficient KISS solution.  I mostly just want something that is secure, as at some point i goti the impression the default routers by ISPs are vulnerable.  I assume most routers have sufficient speed.

Case

  • Pencil Stache
  • ****
  • Posts: 749
Re: recommended router?
« Reply #20 on: October 21, 2018, 09:59:16 AM »
If the OP were the kind of person that would flash router firmware and use POE I am not sure they would have posted the question they did. I have a dedicated pfSense router and somebody else I am sure has Cisco ASR edge router in their home. Are these the kind of solutions you would recommend to your non-tech family and friends *if* you are not the one setting it up and maintaining it?

The Verizon router is surprisingly good -- for a FIOS install, I would strongly consider just buying that.

For non-tech people, I usually defer to Wirecutter's recommendations, likely the TP-Link Archer A7 in this case: https://thewirecutter.com/reviews/best-wi-fi-router/

Thanks, and i appreciate the link..

CoffeeR

  • Stubble
  • **
  • Posts: 194
  • Location: Southwest
Re: recommended router?
« Reply #21 on: October 22, 2018, 08:19:53 AM »
I mostly just want something that is secure, as at some point i goti the impression the default routers by ISPs are vulnerable.  I assume most routers have sufficient speed.
I know of no solution that is always secure. Security does require regular software/firmware updates and for that you want a vendor that supports there products longer term. The problem is that *none* of the maintain consumer vendors of routers (Asus, TP-Link, Netgear, etc.) are consistently good at this. You have the recommendations here (I'd probably go with Asus, TP-Link or Netgear), but regardless of what you choose, do keep your router firmware updated (if updates are available).

Daley

  • Magnum Stache
  • ******
  • Posts: 3957
  • Location: Cow country. Moo.
  • Got that mustache feeling.
Re: recommended router?
« Reply #22 on: October 22, 2018, 08:49:19 AM »
I mostly just want something that is secure, as at some point i goti the impression the default routers by ISPs are vulnerable.  I assume most routers have sufficient speed.
I know of no solution that is always secure. Security does require regular software/firmware updates and for that you want a vendor that supports there products longer term. The problem is that *none* of the maintain consumer vendors of routers (Asus, TP-Link, Netgear, etc.) are consistently good at this. You have the recommendations here (I'd probably go with Asus, TP-Link or Netgear), but regardless of what you choose, do keep your router firmware updated (if updates are available).

And this is exactly why so many of us recommend taking the time to learn how to use third party firmware and buying a device that can support it. Where manufacturers fail, provide buggy or insecure firmware, and enforce planned obsolescence... you have an entire community of developers who have continued to build, support and update stuff like OpenWRT/LEDE, Tomato, DD-WRT, Gargoyle and ROOter for many of these routers that the manufacturers have abandoned. And bonus points? You get way niftier features available out of the box.

Granted, some of these third party firmwares can be very obtuse and difficult to configure, but there are some (such as ROOter) that are reasonably easy to set up the basics on once you get past the initial flashing, and has good documentation on how to get into the more advanced stuff (assuming you even want to use it).
« Last Edit: October 22, 2018, 08:53:46 AM by Daley »

sol

  • Walrus Stache
  • *******
  • Posts: 8492
  • Age: 42
  • Location: Pacific Northwest
Re: recommended router?
« Reply #23 on: October 22, 2018, 09:01:19 AM »
I know of no solution that is always secure.

I'm just not that worried about the security of my home router.

It only has a range of about a hundred feet, so someone attacking it would basically have to be parked in my driveway.  One of my neighbors might be able to maintain a somewhat stable connection if they wanted to hack it, but they are my neighbors and I trust them to not running an international hacking ring from my mac address. 

If someone were to hack my wifi router, what would that give them that isn't easier to get some other way?  It's not like your internet traffic isn't already monitored by multiple third parties, both with and without your consent.  If you're using end-to-end encryption like you're supposed to then as long as your machine is secure and the distant machine is secure then intercepted wifi traffic is probably the lowest remaining threat to your passwords and such.  Your ISP is logging everything you do on the internet.  The government is logging everything you do on the internet through your ISP and/or the local backbone.  Companies like facebook and amazon are logging the sites you visit.

What's the worry about wifi?  People who live in apartment buildings full of criminal hackers looking for someone to spoof?  I'm pretty sure pretending to be your next door neighbor isn't going to throw off interpol.

Daley

  • Magnum Stache
  • ******
  • Posts: 3957
  • Location: Cow country. Moo.
  • Got that mustache feeling.
Re: recommended router?
« Reply #24 on: October 22, 2018, 09:16:58 AM »
I'm just not that worried about the security of my home router.

I can't speak for CoffeeR, but in my case? It's not about WiFi security, which, really isn't that secure anyway. It's not about keeping various three letter agencies or corporations out of my internet traffic, either. The biggest reason why I want to keep my router secure and patched is simple, I'd rather not have it or other devices on my network co-opted into a zombie botnet.

sol

  • Walrus Stache
  • *******
  • Posts: 8492
  • Age: 42
  • Location: Pacific Northwest
Re: recommended router?
« Reply #25 on: October 22, 2018, 09:25:42 AM »
I'd rather not have it or other devices on my network co-opted into a zombie botnet.

That's a legitimate if somewhat altruistic concern.  How would you know if your router had been co-opted?  I can log in to my router and check on status and logs, if everything looks normal should I be worried?  Would you expect to be able to see an increase in traffic, or is the corruption so complete that the owner would never have any idea?

If that's the case, then it seems like all of those home IT warriors will never know if their defenses have been successful or not.  Why go to all of that trouble if you might already have lost the war?

And what's the proposed fix if you suspect that you ARE tied to a botnet?  Re-flash your firmware every six months as a hard reset, just to be sure?  Because I can do that on my $19.99 router just as easily as I can on a $160 router.  Buy a brand new router (for $19.99) once per year just to be sure I have the most current specs?

I'm not being facetious, I genuinely don't understand how to detect if a router or other device is participating in a botnet, or what I would do about it if it were.

katsiki

  • Handlebar Stache
  • *****
  • Posts: 1428
  • Age: 39
  • Location: La.
Re: recommended router?
« Reply #26 on: October 22, 2018, 09:28:16 AM »
Another vote for Tp-link.  I think I also have the archer c7.

tyler2016

  • Stubble
  • **
  • Posts: 117
    • Tyler's Guides
Re: recommended router?
« Reply #27 on: October 22, 2018, 09:45:24 AM »
I'd rather not have it or other devices on my network co-opted into a zombie botnet.

That's a legitimate if somewhat altruistic concern.  How would you know if your router had been co-opted?  I can log in to my router and check on status and logs, if everything looks normal should I be worried?  Would you expect to be able to see an increase in traffic, or is the corruption so complete that the owner would never have any idea?

If that's the case, then it seems like all of those home IT warriors will never know if their defenses have been successful or not.  Why go to all of that trouble if you might already have lost the war?

And what's the proposed fix if you suspect that you ARE tied to a botnet?  Re-flash your firmware every six months as a hard reset, just to be sure?  Because I can do that on my $19.99 router just as easily as I can on a $160 router.  Buy a brand new router (for $19.99) once per year just to be sure I have the most current specs?

I'm not being facetious, I genuinely don't understand how to detect if a router or other device is participating in a botnet, or what I would do about it if it were.

Installing community developed firmware such as DD-WRT or OpenWRT is probably your best bet. It isn't just about altruism. Some providers throttle you down after you use a certain amount of data. If you're part of a bot net, you will likely see performance issues.

If you aren't technical, it will take a little time to read up on how to do it, but it isn't beyond the capabilities of the average person. It just takes someone willing to spend a little time learning. There  are decent instructions on how to do it.

In the unlikely case you brick your device, you are out of maybe 50 bucks.

The community firmware tends to have a lot more features, perform better, and is usually more reliable than the cheapware they come with.

Daley

  • Magnum Stache
  • ******
  • Posts: 3957
  • Location: Cow country. Moo.
  • Got that mustache feeling.
Re: recommended router?
« Reply #28 on: October 22, 2018, 10:19:25 AM »
I'm not being facetious, I genuinely don't understand how to detect if a router or other device is participating in a botnet, or what I would do about it if it were.

I could ask the same question to you about how do you normally notice when a computer has a virus? (Genuinely not being facetious here, either.)

Outside of state-level exploits, 99.9% of viruses and malware are just sloppy coding, despite the fact that the goal is to leave the code undetected. The device will run slower, less stable, and utilizes more bandwidth... all things that will impact the quality of your internet connection. If the firmware has an active vulnerability, a hard reset and re-flash without a patch or a way to disable the vulnerability won't do much good as the instant it goes back onto the internet, it's only a matter of time before it gets reinfected. Fortunately, most major router exploits (especially when hard to detect) when discovered usually gets at least some traction in the news cycle.

As for how to avoid/minimize it? Disable all unnecessary services such as remote administration; changing the admin password from the default; using a router/firmware that is still in active development and gets patches; disable UPnP, WPS, PING, Telnet, SSH, HNAP; disable administration over WiFi; don't use cloud management; don't use your ISP's DNS servers; don't enable public file servers; and use stuff like Shields Up to see if you have any open ports visible. Many consumer routers have most all of this stuff enabled by default out of the box, rarely get updates, and have had secret backdoors left open like the infamous port 32764. Stuff like OpenWRT/LEDE does not.

Ultimately, though, it comes down to giving a crap about properly configuring your router and keeping it updated. Most residential routers with their default firmware don't enable you to do that very well, and there's no such thing as an "easy to configure" router that's secure out of the box, as you either get easy to set up and configure and easy to exploit (unless you spend the time reading the documentation and diving through settings) or secure with a couple extra hoops to jump through in reading documentation first. Either way, you have to invest time and get out of your comfort zone. If you want something reasonably secure out of the box with a long firmware support cycle, you have to kind of step up to enchantment and spend a bit more with gear like Ubiquiti which is targeted at SOHO/business customers. Otherwise, the used consumer market with devices supported by OpenWRT/LEDE/DD-WRT/etc. is the way to go.

EDIT: Nothing's 100% in life, but there are things you can do to minimize the attack surface area for both the benefit of yourself and others.
« Last Edit: October 22, 2018, 10:39:56 AM by Daley »

katsiki

  • Handlebar Stache
  • *****
  • Posts: 1428
  • Age: 39
  • Location: La.
Re: recommended router?
« Reply #29 on: October 22, 2018, 04:54:34 PM »
TP-link AC1200 is actually what I have.  Have had it for about 5months.

$44 on amazon

CoffeeR

  • Stubble
  • **
  • Posts: 194
  • Location: Southwest
Re: recommended router?
« Reply #30 on: October 23, 2018, 07:30:25 AM »
I know of no solution that is always secure.
I'm just not that worried about the security of my home router.
Sol, I'm glad you are not worried about the security of your router. I am. I grant you I am not paranoid about it. Here are some of my reasons:
  • Security is not a single drawbridge. Security is layers. Your router is one layer and if it is compromised/hacked/whatever the attacker has come closer to disrupting your life. If a router is compromised, an attacker opens up new vectors of attack against your assets (accounts, data, other computers, etc.).
  • As has been pointed out, remote compromise of your router is a bigger concern then the neighbors in your wireless range. I am actually not as much concerned about the federal three letter agencies breaking into my system (they have much easier ways to get to my money) as I am about constant scanning for vulnerabilities and weakness by malicious parties. Even if my assets are not compromised (and they might be), having my Internet connection compromised will cause slow downs and other problems that can be hard to track down.
  • Having said that, you should be concerned about your neighbors and (assuming your location makes it possible) people driving up to your wireless to use it. People who do really nasty stuff (bank fraud, child pornography, etc.) actively seek to use  someone else's Internet to do their deeds. Once the famous government three letter agencies come knocking on your door because your IP address has been associated with something illegal you will be (practically speaking) presumed guilty until proven innocent.
I cannot totally prevent any of the above from happening, but I will do my best (without driving myself crazy) to place barriers in front of malicious actors. A secure router is one such barrier.

Baldrekr

  • 5 O'Clock Shadow
  • *
  • Posts: 1
Re: recommended router?
« Reply #31 on: October 26, 2018, 01:56:22 PM »
There are a few ways you might find out that your router (or some other device on your network) has been compromised.  Your ISP may tell you, as they see your outgoing traffic.

For example, earlier this year my QNAP NAS got infected by the VPNFilter malware, even though I kept its firmware up to date (within 1 month, anyway).  Comcast started injecting a warning (once every 3 days) into my browsing, telling me that some device in my home was infected by VPNFilter, but of course they don't know which device it is.  I was able to determine which device it was by reading Cisco's Talos blog about VPNFilter, where they said the malware periodically tries to read from a photobucket.com (!) gallery (obviously this gallery has long since been taken down).  Probably Comcast's malware alert goes off if any customer tries to open that particular photobucket gallery.

I turned on deep packet inspection on my router to see which, if any device was going to photobucket, and sure enough, my NAS was periodically checking it.  It turns out the QNAP NAS does not come with its built-in malware remover actually installed, but once I installed and ran it, it found and removed the malware.

At home I keep all my internet of things (cameras, etc.), including the above QNAP NAS, on a separate VLAN, so they can't get at the home network.

I was worried my Netgear R7000 (running Shibby Tomato firmware, which has been abandoned) might have been compromised too, so I switched to a Unifi security gateway, as I had already switched most of my gear to Unifi (access points, switch).  I really like Unifi's seamless roaming between access points, and the single pane of glass UI for monitoring the entire system.