security

For home use is there any benefit to having DNSSEC enabled. Although I currently have it enabled (along with Rebind protection) I feel that maybe it's overkill and has a detrimental effect on my home internet, as an example both Reddit and Amazon can be slower to load, with Reddit quite often...

Has anyone checked to see if they send anything home? Does anyone wonder if they have a backdoor into your router? Thanks

If my router is set to “disable IPv6,” can I still point it to a DNS provider’s IPv6 address? And if I can, does this entail the same security downsides that allowing IPv6 more generally entails?

Anybody have any experience using one of these? Thoughts? https://store-us.gl-inet.com/products/brume-3-gl-mt5000-high-speed-vpn-security-gateway

Hello everyone, I'm having an issue with one of my clients who uses a mesh network with an Asus ZenWifi Pro XT12 as their main router. It seems an incoming connection (IP address 45.227.253.13) is repeatedly attempting to connect remotely. This appears to be a bot attempt. The message in log is...

Security Problem on Asus RT-BE88U same on RT-AX88U re Dual WAN Enabled - Running Merlin 3006.102.6 on RT-BE88U re below 4 screengrabs. Trend Micro Ai Protection is enabled and upon pressing the “Scan” button reports that all is secure. Now Enable Dual WAN at “WAN” > “Dual Wan” Tab – allow...

Disclaimer: I'm by no means a security expert, and I acknowledge that some of the issues I found after installing AdGuardHome could be caused by my own configuration mistakes, or might have nothing to do with AdGuardHome. I installed AdGuardHome today (version 1.9.3, via amtm). I'd been...

📌 Skynet v8 - Router Firewall & Security Enhancements The largest upgrade in Skynet’s 11-year history Built exclusively for ASUSWRT-Merlin, Skynet v8 delivers a fully modernised codebase with major performance, reliability, and maintainability improvements - while keeping the familiar...

Per the title, how secure it she backhaul channel. I am setting up a pair of AX92U that are tri-band. 5ghz-2 to be the dedicated backhaul. * This is a sports scoring system that moves from venue to venue. * Purpose is to replace a hard wire that currently runs about 40 feet but typically...

Today I run a port scan to my Asus RT-AX86U router running firmware 3004.388.9_2. To my surprise, I discovered that my SSH port is opened to WAN even though I have set it to "LAN only". Meaning, the "LAN only" setting is not in action at all! When I try SSH to my external IP address, the...

Posting it here as I would like to understand if and how ASUS routers are affected, and if affected is there mitigation. Please move post as applicable. from https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2025q3/018288.html

Hi, I'm getting 8 connection attempts per minute around the clock, or about 11500 per day. Is this normal? It seems a lot to me. What about you?

Hey all, I listen to the Security Now podcast, and on this week's Episode Steve mentioned a 9.8 rated CEV targeting Asus routers. I'll have to go back and listen to the podcast again once it posts, as I like to watch it live. What I'm curious about is, what all do these vulnerabilities affect...

Merlin feature request: Two factor authentication web login. (TOTP - Time-based one-time password) I think this would benefit PAM (Pluggable Authentication Modules) authentication the routers use. For those that have no idea what I’m talking about it’s a security feature that requires you to...

This might be rather uncomfortable for the Linksys folks... Their SmartWifi solution is storing the WiFi credentials in plaintext up in their cloud servers... https://stackdiary.com/linksys-velop-routers-send-wi-fi-passwords-in-plaintext-to-us-servers/

This had some traction over in AsusWRT-Addon's thread... I would post there, but the thread was closed. https://www.snbforums.com/threads/backdoor-in-linux-xz-utils-on-linux-distros.89469/ A couple of good write ups and analysis for this CVE are below...

Might have slipped below the radar - but Android and Routers have an issue here... https://www.top10vpn.com/research/wifi-vulnerabilities/ wpa_supplicant: CVE-2023-52160 IWD: CVE-2023-52161

Let's assume you like to rotate your WPA2 shared secret (SSID passphrase) once a year. How do you do it without downtime and with minimal fuss? Is it possible to do it without changing SSID? Here's how I do it: Start with existing SSID `wireless-net` Add new virtual SSID `wireless-net-A`...

It's found on go, but this is something of interest to many... https://rachelbythebay.com/w/2023/10/16/env/ Be safe out there...

The current firmware is using OpenSSL 1.1.1, which already ends support in September 2023. This means that it is no longer possible to get public security updates since last month. I still remember that it took about a year to migrate from OpenSSL 1.0.2 to 1.1.1 in 2019. I know there's so much...