Common routers suggestions, I have some concerns

Discussion in 'hardware' started by Fly, Apr 13, 2011.

Thread Status:
Not open for further replies.
  1. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    I'm not satisfied with my router. It has a number of issues, mostly performance issues.

    So I went to a couple of shops ... (Europe)

    Lots of Netgear, Linksys/Cisco routers. Advanced stuff. Expensive, a router/adapter combo typically costs 100 euros or more. :thumbd:

    But that's less important.
    Security/privacy is more important.

    To get this out of the way: I won't get a router from my ISP.

    Anyway, I am looking for a very basic but stable router. Mostly as a basic inbound firewall. NAT goes a long way.
    It doesn't need to have SPI/parental controls (!). Yeah, most routers seem to have parental controls and other fancy features.
    The more advanced the router, the more likely that it has a backdoor or backdoor-like functionality/features/'bugs'.
    I'm not so sure if open source firmware would fix that issue, I'd prefer to get it right out of the box.
    If I'm not mistaken CALEA requires some backdoor-like functionality.
    Perhaps not required for consumer level equipment, but it's doubtful that Cisco/Linksys would remove those features for consumers ... I prefer to err on the side of caution.

    The way I see it, the more advanced the router, the more plausible that it can violate my privacy/security.

    Or capture my internet traffic, sessions or otherwise. That's what some of these advanced routers can do, right ? So you could say, what's the harm in that ? Just use a software firewall.
    It's one thing to have my regular internet traffic intercepted by my ISP or other agencies, but it's something different altogether if I have this device 'router' that can be used as a spy, for dragnet surveillance or targeted investigations. I'd really rather not have a router that has those convenient eavesdropping features. I suppose that's a preference.

    I still have a Linksys/Cisco router lying on a shelf, which I need to sell !

    I realize this is somewhat redundant, given my previous posts and the posts of others.

    So I don't want some highly sophisticated router. I don't even have a need for it. Basic NAT and perhaps a basic firewall is fine. I'm not sure about any IPv6 issues (still using IPv4)

    Wireless or non-wireless is less important.

    I'm also not concerned about 'Chinese' routers ... If I had to guess, the biggest risk comes from routers made in the USA. Let the Chinese government capture my partly English, partly non-English traffic ... :p

    100 % security is not required, that's impossible.

    I'm just a private consumer who cares about basic safety, but not at the expense of privacy.

    Locally, most routers are Linksys/Cisco, Netgear, Sitecom. One or two Belkin routers. Sweex and some other brands may be available, but I'd probably have to buy one online or do some travelling.

    Configuration: ISP/modem> my router> my computer.

    Suggestions please ?
     
  2. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    2,272
    Location:
    Nebraska, USA
    Netgear, Linksys/Cisco, D-Link and the other major players all make very effective, and inexpensive basic routers with NAT and an integrated 4-Port Ethernet switch. Together with a client based firewall (such as Windows Firewall) and anti-malware solution (such as Microsoft Security Essentials), will provide a very effective security solution - if you keep you system updated and practice safe computing. And those offerings will be considerably less than 100 Euros - less than 50 Euros.

    Why do you need an adapter? You said you don't need wireless and most computers (if not all, unless very very old) should already support Ethernet. So a basic router with a 4-port switch (the normal configuration) is all you need.

    o_O Ummm, no. That makes no sense. That's like saying your money is safer under your mattress because the bank has more advanced security. The more advanced the router, the more things there for the USER (as in YOU) can mess up by dinking with them. If you don't know what it does leave it alone.
     
  3. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    Thank you for responding.
    I'm not sure what's available in the USA, but locally (city) all routers+adapter cost about 100 euros, sometimes more, but rarely less.
    Can you suggest any models ?

    Yeah. But there is a benefit if one CAN use wireless. If it's an option.
    In the city I live in they only have one non-wireles router, still about 50 euros I think.

    My thinking is the more basic the router, the smaller the risk that it is ABLE to violate my privacy/security (think wiretapping, although I'm not sure that's the correct technical term). I have one unused Linksys router that has a very bad EULA. I'm not sure to what extent 'allowed' means 'able to', but if they are the same, it's very bad.

    It's just intended as a basic hardware firewall, with perhaps some wireless options for convenience. I don't need business level security. So why stuff that I don't understand ? I don't like it.

    Doesn't Cisco/Linksys have to abide by CALEA ? Would they really dumb down the features required for businesses ?

    You're right, the fewer features, the smaller the risk I mess it up.
    My guess, also the smaller risk that it can be used as a 'spy' device.
     
  4. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    2,272
    Location:
    Nebraska, USA
    Well, if your city has a population of 100 maybe. Otherwise, I doubt that is true. Wired (Ethernet) routers are pretty common.

    What city and what country?

    What do you really want? Wired, or wireless? Note that wireless is inherently less secure. It can be secured, but it take more effort to setup, and maintain. If going wireless, go 802.11n for the latest technologies.

    Whether a router is a basic wired Ethernet router, or a router with built in wireless support, that has NOTHING to do with the EULA.

    If you have a Linksys router, use that.
     
  5. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    Not really.

    I live in a mid-sized city, not a town. The specifics of my location are not relevant. Yes, there is only one shop that has a non-wireless (wired) router in stock !

    People seemingly want easy, advanced, set-and-forget routers.
    Money doesn't appear to be a concern.

    I want a device so simple *I* can understand it.

    What about CALEA ?

    I don't NEED wireless features, but if it's optional, fine.

    WPA-PSK AES done properly is fairly secure. I can do that, as long as the router is not too 'advanced'. The one I use currently (not the Linksys) has WPS. WPS uses WPA-PSK (probably AES) but it uses only a very brief encryption key. So I've disabled that and configured it myself.
    That particular router plus adapter only cost me 50 euros, which is cheap.
    I've noticed prices went up since I bought that one.
    They sell some 'network products' like switches/hubs (?) at lower prices, but those do not have NAT or a basic firewall. I asked.

    I don't need any business level security, I'm just an ordinary user who values privacy (let's skip the privacy and/or anonymity discussion) and security.

    I can buy one online, or elsewhere.
     
    Last edited: Apr 15, 2011
  6. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    2,272
    Location:
    Nebraska, USA
    That is wrong! You come seeking specific advice on hardware options assuming hardware products and requirements are the same the world over. That is not the way it is. There are many products and model numbers that are US only, UK only, EU only, China only, etc.

    Let's get real here. You are not the only one in this world who goes by Fly. Probably not the only one in your "medium city" - I assume in Europe, but not the UK. When security awareness digresses to the point of paranoia, there's a misunderstanding of the situation, or a problem between the headsets.

    If you are paranoid the US Government is out to get you, or that badguys in your country will use a US law intended to fight cybercrime against you, then don't be, unless (1) you are committing wire fraud or some other crime against the US or one its allies sponsoring such monitoring activities or, (2) badguys have intentionally targeted you!

    Badguys targeting you would be a very rare event. Badguys are lazy, seeking "crimes of opportunity" - the "easy pickin's". If you keep your computer updated and patched, scanned with a good real-time scanner, blocked behind a local firewall, and you avoid illegal activities and risky practices, then any old router with NAT will add an additional and significant layer of security to your network and computers such that no one but a true professional targeting your computer can hack in. Nothing is 100% effective, but doing this is pretty close. A badguy in a car out front with a directional antenna pointing at your house will still easily see your network, but if he needs to spend more than a moment or two trying to get in, he will move on. Of course if wired, no one will know you have a network or computers in that house.

    But, if you (speaking to the crowd), or if anyone using your computer participates in risky practices like illegal filesharing of software, songs and videos, or illegal gambling or porn, or other activities that would attract the attention of Law Enforcement, then all bets are off, regardless your security in place. And participating in shady activities on the Internet is like asking a stranger knocking at your door late at night to come into your home before asking what he wants. Malware writers love to introduce their new malicious code in those very same places. If you invite the bad guy in, no security measure will prevent compromise. The user is always the weakest link in any security system.
    Not really what?

    Well, sorry, I don't believe that. That may be all you have found, but I am sure other places have them. Since you feel it necessary to keep your location secret, you are on your own with that. Here, you can find inexpensive Ethernet routers even in discount stores like Walmart, Target and K-Mart, as well as home improvement stores like Home Depot, Menards or Lowes. And the electronics stores typically have 2 or 3 Ethernet (wired) only routers. Yes, wireless is more popular these days, but many folks, including yours truly, still prefer wired, at least for my home computers and network.

    What about it?

    It seems you already have 2 routers. I fail to see why you are not using one of them. I also fail to see what you expect to gain by using a different one. Note that routers are NOT that high-tech, and pretty much all (for home use) work exactly the same way using the exact same protocols. It would probably be best if you describe exactly what you wish to accomplish.
     
  7. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,069
    I resent the implications of attempting to hide criminal activities or being paranoid.

    I think I've stated why I don't want to use that Linksys router.('search' for an older question about that)
    My current router has performance issues, connection-related.

    Any basic but not broken router would be effective as a hardware firewall.
    That's all I want.
    Pertaining the issue of 'backdoored' routers, I just don't feel a need to install one. So, am I suddenly a suspect because I don't fully and blindly trust the US government, Linksys/Cisco or any other agency/company ?

    I don't want to continue this conversation.
     
  8. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    2,272
    Location:
    Nebraska, USA
    I meant no disrespect and was not trying to infer or imply that you were anything - other than concerned about privacy, based on your own questions. That is why I specifically, said, "talking to the crowd" and "if this" and "if that". And why I spent a lot time on badguys. It is also why, since you seem concerned about privacy, why I emphasized wired over wireless. Sorry if you read into it more than was there.

    Have a good day and good luck.
     
  9. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    You should use WPA2 for better security.
     
Loading...
Thread Status:
Not open for further replies.