[sf-lug] crackers may target routers, here are some defence ideas such as OpenWRT

Rick Moen rick at linuxmafia.com
Wed Aug 19 13:48:37 PDT 2015

Quoting Alex Kleider (akleider at sonic.net):

> There appears to be some confusion between OpenWRT and dd-wrt.
> I'm not up on these matters but I seem to remember being told that
> there are some fundamental differences as to 'open'ness.
> Can any one add to this (or refute!)?

To answer your question directly:  Yes, major parts of dd-wrt's
architecture are proprietary, and it's maintained by just one guy behind
closed doors.  OpenWRT is developed in a transparent fashion, has no
proprietary components, and is modular and extensible.

One factor that sometimes dictates choice is hardware support:  You
might find that a SOHO router model you own is on the hardare support
list for one of dd-wrt vs. OpenWRT vs. Tomato but not the others.
(Obviously, it's better to check hardware support pages before buying.)

It is very definitely _not_ necessary to buy one model of SOHO router
vs. a different model based on the preload.  Installing one of the Linux
distros is simply not difficult.  I'm sure Buffalo makes perfectly OK 
hardware, but it'd be crazy to buy its products just so you can get
OpenWRT.  Instead, buy a router unit listed on your desired distro's 
support pages as having excellent support, and then blow away whatever's 
on its flash storage with your desired router distro.  This is an
extremely good idea to do on security grounds _anyway_.  No offence to
Buffalo Technology, but I know no earthly reason for trusting what they
or anyone else puts into router firmware when you can just install
your desired distro and know absolutely and for certain what's there.

More information about the sf-lug mailing list