Fr Robert Ballecer, SJ? With the recent KRACK vulnerability discovered and the fact that my ro...

[G+_James Berry]

Fr. Robert Ballecer, SJ? With the recent KRACK vulnerability discovered and the fact that my router is a Linksys EA3500 (firmware updated late 2014), is there a good option to either change to OpenWRT/DDWRT or am I better advised to save up some pennies and invest a newer more frequently updated piece of equipment (Synology/ASUS/etc). Perhaps this could be covered on an episode?

 

Thanks for the help. Jim

[G+_Ben Reese]

In my opinion, a "premium" brand router (I'm thinking Synology, Ubiquiti, Eero...) is probably the best option to stay up to date on security concerns. I love DD-WRT and OpenWRT, but I suspect they're just as vulnerable to KRACK. And though I'd like to think they'll get updated soon, there will always be some devices left behind.

 

That said, it's probably not a bad idea to put an open source firmware on your router. I recently found out that most of the OpenWRT development went over to the LEDE project. Here's the link to the LEDE info for your router: https://lede-project.org/toh/hwdata/linksys/linksys_ea3500

 

I'm really not sure what the next step is beyond that to protect against KRACK. I have a couple OpenWRT devices and DD-WRT routers that probably aren't in any nightly builds - let alone stable release cycles. I guess I'll be seeing if there's a patch I can install.

[G+_Alex Martinez]

They seemed to already updated ddwrt firmware with the krack patch

[G+_Ben Reese]

Yup, DD-WRT and OpenWRT/LEDE have already parched - at least for beta. Problem is there may still not be a build for every router.

 

On the plus side, I've heard a few times that Access Points aren't necessarily vulnerable unless they're acting as a client gateway or repeater. The attack is on the client, not the AP. Still worth updating though, in my opinion.