Gateway to your kingdom

Gateway to your kingdom: why everybody should check and update their broadband router

Update your router's firmware for faster speeds, and greater security.

In a recent test of wireless routers for the home, I followed usual best practices and updated all the devices with the latest available firmware from the manufacturer before putting each one through its paces. But whether you've just bought a new router, or are about to, or are using a model that's already a few years old, you should be doing the same right now. In fact, and as boring as it may sound, it's definitely in your interest to check and update any router you use. 

Update your router for faster speeds

For the sake of performance testing alone it can be essential to literally get up to speed with the latest firmware build. Many router manufacturers release their product half­baked, it seems, with listed features missing, incomplete or unreliable.

In the case of a Linksys router on test, the WRT1900AC, it's listed as an 802.11ac device but a visit to the admin interface might lead you to think otherwise – there are no settings to adjust core parameters of the new higher­speed 11ac protocol. Typical tweaks like width of radio channel, and which legacy protocols to support are strangely incomplete. All we saw there was a choice of 20 or 40 MHz channels (draft 11ac is founded on 80 MHz channels) and a choice of 11a or 11n protocols; but no 11ac. A Linksys spokesman assured us the router does work with 11ac providing you don't touch any of these settings.But whether you surf at home at 500 Mb/s or just 50 seems academic when the bigger issue is about the fundamental security of your router. You can run all the anti­virus software and firewalls you like, but if your home router leaves the back door wide open, anyone and everyone can walk in.Cisco is one company known to make routers that have included such problems, as documented by its advisory warning in January this year (advisory code cisco­sa­20140110­sbd), which explained how the firmwaredesigners created what's been euphemistically termed an Undocumented Test Interface – a backdoor hidden only by obscurity on port 32764 whichallows an attacker to gain unauthenticated root access. In other words, theycan own the router and play god over all that it routes. Which is to say, everyPC, laptop, tablet and phone in your home.For someone with the necessary intent, a fiddle with your DNS settings is allthat's required to divert your visit from https://www.natwest.online.banking.co.uk to a facsimile site that instead will happily accept your login credentials, for surreptitious use later.

Who makes your router?

Cisco is far from alone. In fact there's sometimes a theme of insecurity in numbers, especially when different router manufacturers rely on using the same kit or code from other vendors. It was January this year that enthusiast security researcher Eloi Venderbeken published findings that Cisco, Linksys (then a sub­brand of Cisco), Netgear, TRENDnet, Belkin and other lesser known brands all suffered the same backdoor vulnerability.Further research suggested the common thread was that all affected routers were in fact made by another company entirely, Sercomm of Taiwan/China, that builds these devices for the better­known companies. Even if you trust a big brand name, be aware that it is possible they don't know exactly what's being sold in their name since are not required to test fully what they're reselling.In July last year, Independent Security Evaluators (ISE) published a report which explored the issue of insecurity in SOHO (small office/home office) routers. In other words, just the kind of consumer- and enthusiast routers that we test and review over at PC Advisor. The researchers looked at 10 routers from familiar names such as Asus, Belkin, D­Link, Netgear, TP­Link and TRENDnet.In what the researchers describe as a less-than-exhaustive study, they found 55 new, previously undisclosed vulnerabilities. Many of the routers shared the same vulnerabilities since they were based on the same common design again, despite sporting different company badges.More recently – last week as I write this in mid­August 2014 – the results of a hacker competition at Defcon 22 were revealed. In a challenge entitled SOHOpelessly Broken presented by ISE and the EFF, the first stage revealed another 15 0­day vulnerabilities in popular modern routers from Asus, Belkin, D­Link, Linksys and Netgear.Less frequently evaluated in penetration tests of domestic router is the security of unofficial firmware – the open­source alternatives to the commercial software already installed on every router. There are now several projects to port special builds of Linux to popular home and office routers, under names such as OpenWRT, DD­WRT and Tomato. These areenthusiast­led collaborative projects from technically skilled router users who are fed up with closed­source and leaky software on the gateway to their kingdoms. As open­source software, source code is available for any interested party (white hat or black) to scrutinise, there's potentially more scope for finding bugs – as well as exploiting them.These are typically ongoing projects, with rolling updates that would paralyse a ‘normal' home user with their frequency. We wouldn't necessarily recommend an open source­patched router in a group test of home routers, which is why they were tested only with the installed firmware, even if manufacuters such as Netgear and Linksys add ‘open­source support' to theirproducts' features lists.The example of open­source firmware in that last challenge did in factsurvive the hacking onslaught, the EFF's own Open Wireless Routerfirmware.But good security advice remains to check your router's firmware and updatewhen patches as soon as patches become available. Who knows, maybeyour router maker has closed some of the gaping holes revealed in the past few disclosures?Update your router's firmware for faster speeds, and greater security.In a recent test of wireless routers for the home, I followed usual best practices and updated all the devices with the latest available firmware from the manufacturer before putting each one through its paces. But whether you've just bought a new router, or are about to, or are using a model that's already a few years old, you should be doing the same right now. In fact, and as boring as it may sound, it's definitely in your interest to check and update any router you use. Update your router for faster speedsFor the sake of performance testing alone it can be essential to literally get up to speed with the latest firmware build. Many router manufacturers release their product half­baked, it seems, with listed features missing, incomplete or unreliable.In the case of a Linksys router on test, the WRT1900AC, it's listed as an 802.11ac device but a visit to the admin interface might lead you to think otherwise – there are no settings to adjust core parameters of the new higher­speed 11ac protocol. Typical tweaks like width of radio channel, and which legacy protocols to support are strangely incomplete. All we saw there was a choice of 20 or 40 MHz channels (draft 11ac is founded on 80 MHz channels) and a choice of 11a or 11n protocols; but no 11ac. A Linksys spokesman assured us the router does work with 11ac providing you don't touch any of these settings.But whether you surf at home at 500 Mb/s or just 50 seems academic when the bigger issue is about the fundamental security of your router. You can run all the anti­virus software and firewalls you like, but if your home router leaves the back door wide open, anyone and everyone can walk in.Cisco is one company known to make routers that have included such problems, as documented by its advisory warning in January this year (advisory code cisco­sa­20140110­sbd), which explained how the firmwaredesigners created what's been euphemistically termed an Undocumented Test Interface – a backdoor hidden only by obscurity on port 32764 whichallows an attacker to gain unauthenticated root access. In other words, theycan own the router and play god over all that it routes. Which is to say, everyPC, laptop, tablet and phone in your home.For someone with the necessary intent, a fiddle with your DNS settings is allthat's required to divert your visit from to a facsimile site that instead will happily accept your login credentials, for surreptitious use later.

Who makes your router

Cisco is far from alone. In fact there's sometimes a theme of insecurity in numbers, especially when different router manufacturers rely on using the same kit or code from other vendors. It was January this year that enthusiast security researcher Eloi Venderbeken published findings that Cisco, Linksys (then a sub­brand of Cisco), Netgear, TRENDnet, Belkin and other lesser known brands all suffered the same backdoor vulnerability.Further research suggested the common thread was that all affected routers were in fact made by another company entirely, Sercomm of Taiwan/China, that builds these devices for the better­known companies. Even if you trust a big brand name, be aware that it is possible they don't know exactly what's being sold in their name since are not required to test fully what they're reselling.In July last year, Independent Security Evaluators (ISE) published a report which explored the issue of insecurity in SOHO (small office/home office) routers. In other words, just the kind of consumer- and enthusiast routers that we test and review over at PC Advisor. The researchers looked at 10 routers from familiar names such as Asus, Belkin, D­Link, Netgear, TP­Link and TRENDnet.In what the researchers describe as a less-than-exhaustive study, they found 55 new, previously undisclosed vulnerabilities. Many of the routers shared the same vulnerabilities since they were based on the same common design again, despite sporting different company badges.More recently – last week as I write this in mid­August 2014 – the results of a hacker competition at Defcon 22 were revealed. In a challenge entitled SOHOpelessly Broken presented by ISE and the EFF, the first stage revealed another 15 0­day vulnerabilities in popular modern routers from Asus, Belkin, D­Link, Linksys and Netgear.Less frequently evaluated in penetration tests of domestic router is the security of unofficial firmware – the open­source alternatives to the commercial software already installed on every router. There are now several projects to port special builds of Linux to popular home and office routers, under names such as OpenWRT, DD­WRT and Tomato. These areenthusiast­led collaborative projects from technically skilled router users who are fed up with closed­source and leaky software on the gateway to their kingdoms. As open­source software, source code is available for any interested party (white hat or black) to scrutinise, there's potentially more scope for finding bugs – as well as exploiting them.These are typically ongoing projects, with rolling updates that would paralyse a ‘normal' home user with their frequency. We wouldn't necessarily recommend an open source­patched router in a group test of home routers, which is why they were tested only with the installed firmware, even if manufacuters such as Netgear and Linksys add ‘open­source support' to theirproducts' features lists.The example of open­source firmware in that last challenge did in factsurvive the hacking onslaught, the EFF's own Open Wireless Routerfirmware.But good security advice remains to check your router's firmware and updatewhen patches as soon as patches become available. Who knows, maybeyour router maker has closed some of the gaping holes revealed in the past few disclosures?