oldie but goodie
The fix was released years ago and its called tomato firmware. Tomato (and other custom firmware) was the main reason why people bought this router long after the hardware was obsolete.
Cisco has identified the Linksys router affected by the vulnerability published by DefenseCode on January 14. In an e-mail to The Register, the vendor says its review shows the vulnerability only exists in the WRT54GL home router. “Following our assessment of information recently released by DefenseCode, we have confirmed a …
Same here. My WRT54GL runs Tomato, does loads of fun things from web usage logging, per-client time restrictions (no midnight Skype for my kids' smartphones) secondary WiFi network for guests, openVPN client/server, variable broadcast power... It might not be the fastest router around, but I'd be hard pressed to part with it.
Are you sure that these versions are not affected?
Leon Juranicvor, CEO DefenseCode confirms that this vulnerabilty does not work from the internet.
Asked whether Tomato, Robin, dd-wrt, Free-wrt are vulnerable he only points to busybox. As all of these share a common heritage I take this as a hint that all are vulnerable. In two weeks we will know more...
Quotes on Youtube:
...We're still investigating some tricks to exploit this vulnerability from the internet, but for now, yes - it seems safe from the outside of the network. Of course, unless services are available from the internet. ...
... Pause video on 1:51 my friend. It's busybox, right?. :)
They are old, cheap (~US$2.50 at junk shops), and just keep on working. I use 'em when setting up freebie 2-4 computer networks for needy families here in the North Bay (They need to come up with the loot for the DSL). The computers are usually 5+ years old, usually with between a quarter gig and half a gig of RAM, but perfectly functional. Most were saved from being scrapped by idiots who think they have to upgrade all the hardware when microsoft rolls a major rev.. The computers run Slackware (a much modified Slack12+KDE 3.X that I originally built for my technophobe Mother), the routers run Tomato.
Yes, DD-WRT is also a good option. I use it in the router in the barn's "club-house".
THAT said, know what you are purchasing when it comes to old hardware. Not all of the WRT54G series works when it comes to this kind of option. I almost never recommend Wiki, but in this case they have a fairly decent overview. See:
http://en.wikipedia.org/wiki/WRT54G
http://en.wikipedia.org/wiki/Tomato_Firmware
http://en.wikipedia.org/wiki/DD-WRT
Maybe you could even give people free internet access by means of directional WLAN antennas. Google for "cantenna". It is very simple, yet effective. Make sure you have line-of-sight, though.
You can easily get several kilometers with those surplus soup-cans.
i dont think the GL was the most popular. The WRT54G series (No L or GS) were probably the most popular as a series. Only a couple of versions cant run 3rd party firmware, but the firmware is limited. Adding a USB port or other storage device to them of course extended this.
My WRT54GL just wont die. Lighning storms have made the outlet it's connected to spew out fire and sparks, two summers in a row. Each time I just replaced the wallwart. The second time it happened I got a surge protector, which helped the situation in that every other outlet started spitting fire.
Losing the wallwart isn't even that big of a deal even for the internet addict, WRT54GL isn't too fussy about power, will run off of almost anything, the battery in your smoke detector (a minute or two), the batteries in that 80s boombox you still havent thrown out, or even a car battery will do, enough to tide over the addiction until the shops open and you can get new wallwart..