Jump to content
All visa questions and fresh Immigration updates here ×

Router that Provides Good Internet Security

CFC

By CFC
in IT and Computers

 Share

Recommended Posts

NeverSure Star Member

NeverSure

Posted
Posted

All routers provide a pretty good protection against hacking. Only malware tools might protect you against yourself.

A router by definition is a firewall. It does NAT (network address translation). Because it returns requests for internet resources (a web page, a video, software download, email, etc.) to the computer that requested it, it needs the request first. So if you don't click on a link and request something the router will have nowhere to send something that's uninvited. It will just destroy the packets and that's the firewall part.

Because every router does NAT, every router will reject what you don't request. Also, a router is a computer with its own IP address and from the internet it looks like any other computer to the bad guys. If they try to hack you they will probably just spin their wheels trying to hack that router instead of your computer which they can't see behind the router.

My concerns when buying a router is quality and features (a,b,g,n, etc) and other capabilities. Brand names mean a lot to me. Others would disagree if I mentioned a favorite. Chevy, Ford, VW, Toyota, LOL.

Cheers.

Link to comment
Share on other sites
RichCor Platinum Member

RichCor

Posted
Posted

All routers provide a pretty good protection against hacking. Only malware tools might protect you against yourself.

A router by definition is a firewall. It does NAT (network address translation). Because it returns requests for internet resources (a web page, a video, software download, email, etc.) to the computer that requested it, it needs the request first. So if you don't click on a link and request something the router will have nowhere to send something that's uninvited. It will just destroy the packets and that's the firewall part.

Because every router does NAT, every router will reject what you don't request. Also, a router is a computer with its own IP address and from the internet it looks like any other computer to the bad guys. If they try to hack you they will probably just spin their wheels trying to hack that router instead of your computer which they can't see behind the router.

This isn't quite true.

Not all routers do NAT, nor do all routers have firewalls.

According to Wikipedia, "A router is a networking device that forwards data packets between computer networks. Routers perform the 'traffic directing' functions on the Internet."

Though your statement might be true for most Residential Router/Gateway devices.

But the issue is that many/most Residential Router/Gateway devices have compromised firmware, either allowing exploits to be easily run against them or even open service ports (via FTP, SSH, Telnet, HTTP WebConfig, TR-069) with fixed/knowable passwords ostensibly for the ISP to do remote config from the WAN side.

ASUS router/gateway products seem to have had a pretty good track record, with people really talking up the ASUS RT-N56U, though what device is selected really depends on what feature set you need/desire (Ethernet + WiFi interface) vs the network type your installing into (ADSL, Cable DOCSIS, FIBER, etc).

We need to know a bit more about the OP's current situation.

Link to comment
Share on other sites
Chicog Star Member

Chicog

Posted
Posted (edited)

A router by definition is a firewall

No it isn't. By definition it's a router.

A router is a device that forwards data packets along networks. A router is connected to at least two networks, commonly two LANs or WANs or a LAN and its ISP's network. Routers are located at gateways, the places where two or more networks connect.

Routers don't have to NAT, and they don't have to have Firewalls built in.

Could the OP please give us an idea of what "a fortune" is, because it will help find something in his budget.

Added:

$100 is not my idea of a fortune but it does seem quite a good price for this kit. Assuming they've fixed the flaws that were prevalent in older models.

http://thewirecutter.com/reviews/best-wi-fi-router/

Edited by Chicog
Link to comment
Share on other sites
CFC Advanced Member

CFC

Posted
  • Author
Posted

Thanks for the replies. I wouldnt have a problem spending $300-$500 on the router. I have got antispyware and anti virus already installed on my PC but would like another layer of protection again hackers. Friend of mine just had his bank account hacked and its headache I dont need.

Link to comment
Share on other sites
Chicog Star Member

Chicog

Posted
Posted

Thanks for the replies. I wouldnt have a problem spending $300-$500 on the router. I have got antispyware and anti virus already installed on my PC but would like another layer of protection again hackers. Friend of mine just had his bank account hacked and its headache I dont need.

Then that <$100 TP-Link might be right up your street. It's a very good spec for the price, too.

I'd also recommend installing WOT (Web of Trust) in your browser.

Link to comment
Share on other sites
dddave Platinum Member

dddave

Posted
Posted

Check out reviews of the TP-Link Archer series and see if one fits your needs. Both the C-7 and D-2 are reasonably priced and available locally in Bangkok at many Fortune Tower shops.

Prices varied B300-400 shop to shop so worth wandering around a bit.

Link to comment
Share on other sites
innerspace Silver Member

innerspace

Posted
Posted

Dmz, Port forwarding and upnp prove that theory of dropping all unknown packets wrong. Most consumer routers have these security weaknesses (or useful tools) built in and sometimes the latter on by default.

Software is more important than hardware when it comes to router security. Always run latest firmware since a huge number have known flaws.

If a suitable device open source alternatives can boost security and features at low cost. Tomato is user friendly, ddwrt a few more features.

And if security is important learn to use properly and device you use, 1wrong setting and you open the door to unintended side affects.

Nice usability features like upnp or remote administration have risks.

Link to comment
Share on other sites
muratremix Gold Member

muratremix

Posted
Posted

If you're networking expert, you can buy a mini pc from Aliexpress for $200 usd + $20-30 shipping with 4 LAN ports, install pfsense or some firewall distro with IDS and forget about getting hacked ever (unless you click everything in your emails and run .exe or .scr files attached to your emails lol)

Link to comment
Share on other sites
Chicog Star Member

Chicog

Posted
Posted

If you're networking expert, you can buy a mini pc from Aliexpress for $200 usd + $20-30 shipping with 4 LAN ports, install pfsense or some firewall distro with IDS and forget about getting hacked ever (unless you click everything in your emails and run .exe or .scr files attached to your emails lol)

Is this what you do?

Link to comment
Share on other sites
dddave Platinum Member

dddave

Posted
Posted

Buy any router and regularly go and check it out on the site I gave. How hard do you want to make it for crying out loud ? The OP is concerned about SAFETY and not the exact workings of a router

This is quite good:

http://www.pcflank.com/

When I tried to open the pcflank link, I got a full page "Red Notice" from Google Safe Browsing warning me of dire consequences if I opened this page.

Link to comment
Share on other sites
Pib Star Member

Pib

Posted
Posted

ASUS router/gateway products seem to have had a pretty good track record, with people really talking up the ASUS RT-N56U, though what device is selected really depends on what feature set you need/desire (Ethernet + WiFi interface) vs the network type your installing into (ADSL, Cable DOCSIS, FIBER, etc).

We need to know a bit more about the OP's current situation.

I have an ASUS router/AP....one thing I like about it is every six months or so a new firmware update occurs to address any bugs/security issues. Manufacturers who seem to stay on top of firmware updates get extra points from me.

Link to comment
Share on other sites
  • 3 weeks later...
Millenial Senior Member

Millenial

Posted
Posted (edited)

I just have a very strong private network around the house, and a strong firewall.

But there is no need having a strong router if you then do everything open, so for external communications through the network i use

Email, Calls, Video Conference, Messaging : Invmail the system is Zero Knowledge and End-2-End encrypted - like unbreakable encryption.

The guy who owns the company is also based in Thailand, thats where i first heard of it at an event, they (BVI Invacio Holdings) acquired a established company and remoulded it to their own uses.
Browsing/Searching : Tor
Networking: Invacio (private), aSW (private) and Mijonet for private discussions, debates, and so on.
Edited by Millenial
Link to comment
Share on other sites
Chicog Star Member

Chicog

Posted
Posted

I think it's erroneous, but I've sent them an email to let them know. If you're worried, stay away from it until I get a response.

It is still red-alerting.

Did they ever get back with you?

No.

Som num na, scratch it from the list.

biggrin.png

Link to comment
Share on other sites
slipperylobster Ruby Member

slipperylobster

Posted
Posted

You want your router to be secure?

Change the default login/password on your router page.

Yes, believe this or not, most people don't do that. What then happens is that your neighbor ... can fiddle with your settings....and allow access for himself...on your network.

Just wait for that service provider vehicle (with the logo) pulls into the neighborhood. Find our what type of router they use (call the provider), then google up the default login. A neighbor could then utilize your broadband and download their illegal stuff (you are to blame). Worse..he can access shared files on your network.

Link to comment
Share on other sites
Chicog Star Member

Chicog

Posted
Posted

You want your router to be secure?

Change the default login/password on your router page.

Yes, believe this or not, most people don't do that. What then happens is that your neighbor ... can fiddle with your settings....and allow access for himself...on your network.

Just wait for that service provider vehicle (with the logo) pulls into the neighborhood. Find our what type of router they use (call the provider), then google up the default login. A neighbor could then utilize your broadband and download their illegal stuff (you are to blame). Worse..he can access shared files on your network.

Unfortunately, if you have a router that is susceptible to a flaw that allows remote access with a specially crafted string, or has a hidden vendor backdoor, that isn't much good.

http://routersecurity.org/bugs.php

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.







×
×
  • Create New...