You can access the console of your router from any device connected to the network. Most manufacturers set up the administrator account on routers with the same username and password for every piece of equipment they sell. This is different from simply connecting to the network; it grants you control over the network configuration. With a bit of know-how, anyone connected to the router can guess or Google its login credentials. This makes you vulnerable to a hacker or a young overachiever.
[Gadget Hack] Upgrade Your Linksys Router (or Equivalent) to Tomato Firmware
UPnP helps a device get set up, but once you have that thing working, switch off its UPnP capabilities. You should also turn off UPnP compatibility in your router. UPnP has enabled hackers to infect household devices and include them in botnets. A botnet is an army of devices that can be directed to send access requests to one computer all at the same time, thus blocking its availability. This is called a DDoS attack and it is increasingly being used by countries such as Russia and China as a military strategy, so UPnP is even undermining national defense.
The computers and other devices in your home could provide avenues for hackers to get onto your router. Some of the devices that connect to your network will be portable. Devices such as laptops, tablets, and smartphones are more likely to get infected because they likely connect to other networks and access the internet in public places. There are more possibilities for virus infection and intrusion outside of the house. Equipment that never leaves the house is only exposed to one internet access point and so is less likely to be infected.
This might be a home-only website, intended to share vital information to your family. Alternatively, it might even be a blog, as custom router firmware will support LAMP (Linux, Apache, MySQL, PHP). This means that you could potentially install WordPress.
Old routers supported by custom firmware can be set up with VPN software. This means that if you have a VPN account with, say, ExpressVPN (MakeUseOf readers can save 49% on our top ranked VPN choice), it can be set up on your router.
Dedicated software can be installed on an OpenWrt or DD-WRT router (other firmware is also supported) that enables you to create a Wi-Fi hotspot for your business. This can offer free or paid internet access, along with branded interfaces and even adverts.
Naturally, steps must be taken to comply with CCPA, GDPR, and similar privacy legislation. However, if your old router is compatible with firmware such as HotspotSystem, consider this option for your business or sideline.
The great thing about this router is that it is easily customisable and highly configurable after uploading third-party firmwares like DD-WRT, Tomato and OpenWRT. You can even write your own scripts and upload them to the router.
**Whatever you do is done AT YOUR OWN RISK. I AM NOT RESPONSIBLE for what happens to your router. If you are willing to risk your router with the firmware change, read on, or else look somewhere else.
Take a plain, ordinary (read: boring, with limited functionality) $60 wireless router and supercharge it with cool features and lots more functionality, control, and diagnostics. There's much more under the hood of these devices than is accessible with the vendor's default firmware versions. Even the updates from the vendor's support website unlock only a fraction of the router's capabilities.Third-party developers have made firmware upgrades available that unleash a lot more functionality."What is this 'firmware' of which you speak?" you ask. Well, that router is really just a fancy pile of switches waiting to be told what to do; that's the hardware. The firmware consists of the start-up instructions that make those switches actually do things. It's called firmware because it's not in the form of traditional "software" -- it's not on a moving disk. It is stored on a non-volatile memory (NVRAM) chip. The good news is: the vendors allow changes to that chip, so if they produce new versions of firmware, you -- the end-user -- can copy another version into NVRAM, letting your old device do new tricks. It also means that the chip can hold other code -- code written by someone other than the original vendor...Note: I'm working on an updated version of this "-able" using firmware release v.24 SP1. Stay tuned...
1) Determine the version of the router, to know what the technical details are for your specific model2) Download the Upgrade firmware version utility from Linksys. This is a TFTP utility needed for upgrading to any DD-WRT firmware type except "generic"3) Download latest firmware from DD-WRT Downloads page:3.1) Download the Mini firmware for your specific router model. Mini flash is required for all upgrades, as an interim stage between Linksys firmware and the final DD-WRT firmware configuration.3.2) The Standard, VPN & VOIP versions have different feature sets, but all share the same core extended functionality.3.3) If zip files are downloaded, there are different file versions within for the different router models, so be careful which file you select when upgrading.4) Reset the router to factory defaults. The router's default configuration should now be the following:4.1) IP address: 192.168.1.14.2) Subnet mask: 255.255.255.04.3) Username: admin4.4) Password: admin
1) Assign the Ethernet port on your laptop/desktop a static address that matches the default factory subnet of the router. Follow these steps to assign a static address. (It's possible to perform the upgrade with a DHCP address, but a static address is more reliable.)2) Use an Ethernet cable to connect to the router through a 10/100 port for performing the flash upgrade. (It's possible to flash the router via a wireless interface, but it's much more reliable to use a wired connection.) Use a web browser to connect to the router's administration interface using the above credentials.The result should look something like this:
Use the router's web GUI interface to flash the router to the "mini" firmware. Be sure to use the "generic" mini firmware file when using the web GUI. Apply the firmware and heed the warnings not to shut down the browser window or power off the router until the process has completed. The firmware upgrade page, with the "mini" generic firmware selected, in the process of upgrading the firmware:
Perform a hard reset on the router. It should then restart with the DD-WRT "mini" firmware successfully applied.The DD-WRT firmware has different login credentials, and the mini firmware upgrade sets the following values: 1. IP address: 192.168.1.1 2. Subnet mask: 255.255.255.0 3. Username: root 4. Password: adminThe default web page displays an overview system information page without requiring a login (Note the current active version in the upper-right of the router's web interface, and the new default router name):
The router upgrade is now complete!The mini firmware need only be applied once. It serves as a transition between the Linksys and full DD-WRT binaries. Other DD-WRT firmware images (VPN, VOIP) may be applied using the same process for applying the Standard binary. The basic setup page should appear, with the new firmware version showing in the upper right:
You've got a ver. 5.0 WRT54G router. They don't recommend using this router, as it has less memory than older versions and uses a 3rd-party Linux firmware. Ver. 4.0 and below have 16MB of RAM and 4MB flash built in, but 5.0 and above have only 8MB/2MB. (Ver 7.0 has Atheros hardware and is not supported at all with the DD-WRT firmware upgrade.) Ver. 5 & 6 use the 3rd-party a Linux firmware and require a special extra utility to deal with that VXWorks firmware build. If you do plan to try flashing this router, only use the Micro DD-WRT upgrade (because of smaller RAM/flash capacity) and get the VXworks utility. I've never used it, so until I stumble across a v.5 or 6 router to try this on, you're on your own. Serial numbers starting with CDF0 -- CDFA are ver. 1.0 through 4.0 and should all work with the standard DD-WRT firmware. They're available pretty cheap if you look around...I hope this helps!-- Geoff
I'm going to make a bunch of assumptions here, so please correct me if I don't have all the information quite right. This is a business with DSL as their single Internet access pipe. They have both wired and wireless for their business users, and they want to be able to offer wireless to customers that is restricted to internet access only, no customer visibility onto the business network. The business wants to use a single Linksys DSL router to do this. Is this correct? I'm thinking that this is beyond the ability of this device/firmware.In this scenario, you would really want 2 separate SSIDs and force the customer SSID direct to the WAN interface using static routing. The idea is to make customer access simple, providing an open, wireless SSID that wireless users could just attach to easily. Don't have them go through any manual config contortions, then the business stumbles into the business of providing wireless internet access in addition to their primary business. Also, you would likely want some way to throttle the amount of bandwidth used by customers, so someone in the waiting are doesn't soak up all your bandwidth with a monster download.(We're now entering the part of the discussion where I'm going to make some suggestions, but having never tried them with this device, they're only possible ideas...) There are a bunch of ways to handle this. One could be to get another Linksys router, configure it with a different SSID, and set up static routing under "Setup...Advanced Routing" and force traffic to the WAN port. Another would be to get a more capable router, something with access list capability. Or possibly a layer-3 switch using VLANs could also address this issue. Help me understand the scenario more, but I think what is desired here is beyond the capability of this inexpensive router, even after being flashed with DD-WRT firmware. Ultimately, this discussion is way beyond the scope of this Instructable. It might make more sense to check out the DD-WRT website for support and user forums. Someone there would likely have a whole lot more information than I have on this particular topic.-- Geoff 2ff7e9595c
Comments