> Ummm. I use an ASUS router, the RT-N66U - AKA the black knight. Best ADSL router I have ever owned - never drops, never goes MS 365 and just works.
What does this have to do with security? And I don't understand the MS 365 ref..
> I use Merlin's firmware though. BUT the first thing you (or anybody should do) is change the default user name/password, make sure the WAN is not open to the Internet, and if you are paranoid, set up a DMZ to 0.0.0.0 to forward all requests to that (unless you have other things to do with it).
The average user shouldn't have to do any of these things. Especially change to a 3rd party firmware. If the web UI or any other service is available over the WAN interface, the firmware is already shit. A strong wifi security configuration should be configured out-of-the-box, with the randomized SSID and password printed on the packaging, along with randomized admin ui creds. Changing default passwords on any device is common sense, but the vast majority of people with internet access are far from being technophiles.
> OK, the software that comes with these routers is pretty crap sometimes, but I would say a lot of the time it the end user at fault.
> I mean, for a new router, you have to have default admin/password to allow the user to get going...
You just contradicted yourself, is it the users fault, or the crap firmware that has non-randomized default credentials?
I seriously hope your handle isn't a spin on Linux... or at least that it's not your profession.