Router

What's a cheap router nowadays on which I can throw dd-wrt ? Speaking of which, does dd-wrt have easy dnsec or do I have to do the openwrt, lede meme way ?

Other urls found in this thread:

thinkpenguin.com/gnu-linux/free-software-wireless-n-mini-vpn-router-tpe-r1100
aliexpress.com/item/Eglobal-Barebone-mini-pc-J1900-Quad-core-4-LAN-1080P-12V-Mini-Desktop-Computer-300M-WIFI/32670582442.html
thinkpenguin.com/gnu-linux/penguin-wireless-n-usb-adapter-w-external-antenna-gnu-linux-tpe-n150usbl
lede-project.org/
friedzombie.com/tplink-stripped-firmware/
twitter.com/NSFWRedditGif

Most of the firmwares on dd-wrt are outdated an vulnerable. I would not recommend.

Asus routers and the asuswrt-merlin firmware are getting linux and router-specific security update regularly.

Fritzbox devices don't hold back features in the software, so you probably won't need a 3rd party firmware on their devices.

Planning to hack old ladies again, user?

Fritzbox is too expensive. It's like over 200 euros but a RT-N66U should do the job.
Thanks for the info.

nno

TPE-R1100 Wireless-N Mini VPN Router
thinkpenguin.com/gnu-linux/free-software-wireless-n-mini-vpn-router-tpe-r1100


Glowing in the dark binary blobs are in these firmwares.
I would not recommend.


Are proprietary
I would not recommend.

There's no such thing as a "cheap router" that you can throw dd-wrt. All routers that have enough memory and storage for latest versions are expensive as fuck if i recall correctly.

What kind of range do you get on that router? It has no external antennas.

Well what I use has binary blobs and I still haven't disable IME because the whole process is too complicated and I'm a retard.

why do this when you could just buy the parts yourself and make a little pfsense box?

0 experience with this, currently not my top priority

This is an option. Also Mikrotik devices if that floats your boat. I was using pfsense on some asus eeebox for awhile as a layer 3 wireless to ethernet bridge (not a transparent bridge, it was routing between wifi on the WAN side and providing dhcp and whatnot and a firewall for the LAN with ethernet on that side). Eventually the wireless became flaky though and I started researching on that and it looked like wireless N was maybe not even possible so I bought a mikrotik mAP v2nD which I have doing basically the same thing. It just maintains faster connection better. If I was wanting to run a regular access point I would probably look to another mikrotik device because that one does not have an external antenna. But they are not hard to configure if your use case is a quickset option, which a regular access point would be.

pfsense is pretty easy to configure and can do what you want. It's not any harder than buying some shitty router and flashing it with some random out of date version of ddwrt.

god no. OpenWRT, pfsense, or at least Tomato.

Except I don't know what to buy for pfsense under 100 euro.I mean of course I can find shit that meets the minimum requirements but I want to be sure it works.

Isn't Tomato as dead as dd-wrt ?

Bump

Pic related will run pfsense out of the box. I have been using one for a few years now with no problems.

aliexpress.com/item/Eglobal-Barebone-mini-pc-J1900-Quad-core-4-LAN-1080P-12V-Mini-Desktop-Computer-300M-WIFI/32670582442.html

I typically just buy routers from thrift stores that are compatible with dd-wrt or openwrt. Just bring your phone and look it up.

I have a whole box of routers for mesh networking.

That piece of fucking shit. That piece of fucking SHIT. Fuck that piece of fucking shit.

Fucking piece of shit has one mini-PCIe slot for wireless cards, and do you know what it does? It's the only mini-PCIe slot in the world that operates solely on USB fucking protocol. That's right. You need a mini-PCIe wifi card that, for some god forsaken assbackwards reason, operates on USB protocol instead of mini-PCIe.

Chinese piece of shit.

nice taste in music user

The original Tomato, yeah. I think some forks are actively maintained last time I checked (years ago).


This isn't /g/, you queer.

How about ARM SBC like BeagleBone Black with a second ethernet port via USB. If you need more ports, stick a cheap switch on LAN side. Should be able to run OpenBSD on that too.

This was getting buried by a goddamn autist bumping threads with "t. freech" so I thought I'd bring it back up top, have you ever considered rubbing your two neurons together every once in a while?

not op but, can anyone tell me how hard it would be to make a router out of a linux system and a separate wireless card?

mikrotik shit was compromized for years by the nsa, and they were complicit. do not use.

get a cheap itx board with a soldered cpu and run pfsense.

thinkpenguin.com/gnu-linux/penguin-wireless-n-usb-adapter-w-external-antenna-gnu-linux-tpe-n150usbl
Connect it to the usb port.

Not a lot of hardware can.

DNSSEC is a mistake. It's too broken to use. Proper (secure) validation requires running your own resolver and is slow. I used to support it in a VPNish thing I wrote but no one deployed DNSSEC. They often refuse to use DNS at all as it's seen as a single point of failure.

It's trivial if you know networking. Networking isn't trivial, though.

but if you can get it for free, might as well enable it. Kind of like enabling TLS on your mailserver. A determined attacker can get around it but it raises the bar a bit.

There aren't many open source routers left, pcengines and turris omnia seem to be the only ones.

I use TP-Link Archer C7 + LEDE ( lede-project.org/ )

it works fine. I don't fuck with it too much because as much as I like the idea of treating my router like a raspberry pi personal server thing, I also like having security and working internet so for the most part that means leaving the default settings. I just changed the DNS servers and added a cron job to reboot every week.

also if you go this route you need this firmware to flash first so it doesn't prevent you from flashing 3rd party firmware
friedzombie.com/tplink-stripped-firmware/

This.

Get a Mikrotik. Way more features, way more control.

Source?

Bumping for more info on Mikrotik/NSA connection. I'm not finding anything but I want to know

I would just buy a PC Engines.

130 USD and I have a passively cooled PC that runs all the BSDs and Linux.

To me it's cheap when Billion and Asus are trying to sell their shit routers for 400 bucks.

Goddammit linux fags. I just wish they sold the old model with external antennas.