Get patching
But first you have to admit you bought a router that was this ugly.
Asus RT wireless routers have joined the SOHOpeless list – with poor cross-site request forgery protection affecting 30 variants of the devices. The design blunders, labeled CVE-2017-5891, hit RT-AC and RT-N variants using firmware older than version 3.0.0.4.380.7378. The lack of CSRF protection means that if the user has …
Shibby Tomato runs like a champ on the RT-N53 (yeah yeah it sucks but at time I bought, only 5GHz wireless N bridge under $75) I am using as a wireless bridge. Of course I am running version 120 which is several years old but less bloated and more stable at least for me. Finally retired the WRT54G I had running Shibby tomato with the 2.4 linux kernel. That thing would boot up in 10 seconds flat even with a much slower cpu.
>AdvancedTomato - based on shibby's builds but with a way way better ui.
Yeah I tried that one and its great to have more options but imho its simply another flat millennial html5 UI made for your phone using the latest greatest that just bloats things up and slows down the router's primary purpose. The older less bloated UI works just fine for me (but then again pretty much definition of router nerd who does most stuff with the CLI anyway) but like I say horses for courses.
The OS is already open source, you can find it on the Asus web site (for example, here's the code for the RT-N66U). You have to select 'Others' as the OS on their site.
Although most people use Merlin's fork of the Asus code.
They have known about their vulnerability since January, and it's still not patched...
http://blog.ioactive.com/2017/04/linksys-smart-wi-fi-vulnerabilities.html
"discovered 10 bugs, six of which can be exploited remotely by unauthenticated attackers.
Hackers can exploit two of these to DoS the router. Other vulnerabilities allow for the collection of sensitive data such as firmware and Linux kernel version, running processes, connected USB devices and the Wi-Fi WPS pin.
Unauthenticated attackers can also access the firewall configuration, read FTP configuration settings and extract the SMB server settings, Sauvage explained.
However, the most serious could allow attackers to execute commands on the router OS remotely with root privileges, giving them persistent backdoor access."
>@John 104, even those rockin' the dinosaur Linksys WRT54G* with third party firmware?
Like I said with that linux 2.4 kernel it boots in 10 seconds flat and sadly is probably more secure than any consumer router oem firmware out there. 2.4GHz sucks for anything but web browsing in general though.