I found a WRT54G in a skip about a decade ago, dried it out, installed Tomato on it and it's been working ever since. It still works just fine as a WiFi access point for my internet connection, but it's starting to fall flat for my in-house needs. The 1000Mbit LAN ports don't cut it anymore and same-network WiFi connections are lagging behind what's possible on even the cheapest devices out there now.
There are plenty of suggestions on them there interwebs, but I'm curious: do you lot have any suggestions or hands-on experience with more modern Open/DD-WRT-alike compatible WiFi routers?
Don't you need a specific chipset for it to work - no one could ever tell me for sure if my WRT54GS-UK would work with Open/DD-WRT unless I opened it and checked a chip, which I did, then never got around to using the fucker. It's time I did.
At the end of last year, WikiLeaks published a leaked database of the CIA's private hacking tools. This contained detailed explanations of hundreds of zero-day vulnerabilities, including Cisco, Ubiquiti and Mikrotik routers. Malware developers quickly started using these exploits in the wild. Mikrotik seem to have been disproportionately affected, despite having patched the relevant vulnerability (Chimay Red) before the leaks were made public. Most plausibly, this is because their equipment is popular with internet cafes and wireless ISPs in developing countries; Mikrotik equipment is cheap but powerful, giving amateur network administrators ample opportunity to shoot themselves in the foot. They don't have a particularly high rate of vulnerabilities (eight CVE items total, all patched).
>>26493 > Uh... that's pretty important. Can you elaborate?
>>26494 OpenWRT on MikroTik gear, what's the point?
Without letting he cat too far out of the bag RouterOS is the big deal, the source code is available and it's worse Windows in the NT 4 era. Worse than Cisco IOS in the "things to do in ciscoland when you're dead era".
> They don't have a particularly high rate of vulnerabilities (eight CVE items total, all patched).
I'd laugh manically but I can't be arsed. Security researchers look at new cool stuff. Pop open a RouterOS image in IDA Pro next time you're bored and just xref search for memcpy. Hey you might even get yourself on the front page of El Reg.
Most corporate risk analyses assume that the network is compromised and work on segregating data, incident response, and "need to know" policies. In other words I wouldn't trust a Cisco more than a Juniper more than I would MS Word 2007 - they're all heaps of shit to begin with before we even start talking about bugdoors.
Can't you just throw OpenBSD on a rpi and be done with it? What do you need "libre" anything for? Everything you want in a routing / firewalling setup comes pretty much out of the box.
Of course if OpenBSD never got around to doing an ARM port just ignore my ignorance and try buggering around with iptables on a locked down Linux instead.
