Security check advice for my RT-AC68U

[wahoowad]

I'm still running my AC-68U in home wifi router mode. I'm a bit lax in updating it, just did it today after not doing it for a couple years. I stay on top of all my devices and keep them up to date and am going to get check for ASUS updates more frequently going forward. I had a bad update a few years back so have been hesitant to let it perform auto-updates. Should I turn that on? Our internet provider often has outages so I'd like to somehow know when the router may be down due to a bad update or if it is the provider internet just down again.

Hope someone with more knowledge than me can give some advice about a few things. I don't understand the implications of enabling certain things, or if the ASUS implementation is robust enough to rely upon.

Ran the security scan. My router login is 'admin' but I have a complex password. Is it important to also change the name? Are any of the other items no-brainers to turn on?

Should I enable the Trend Micro protection?

Should I enable DoS Protection? I know what this is, not sure why I have it turned off.

I'm using WPA2-Personal/AES. Is this adequate or should I consider Enterprise?

We currently have NordVPN for our devices although I'm not familiar with the advanced featues. Should I add it to the router?

Thanks for any input!

 

[bbunge]

I'm still running my AC-68U in home wifi router mode. I'm a bit lax in updating it, just did it today after not doing it for a couple years. I stay on top of all my devices and keep them up to date and am going to get check for ASUS updates more frequently going forward. I had a bad update a few years back so have been hesitant to let it perform auto-updates. Should I turn that on? Our internet provider often has outages so I'd like to somehow know when the router may be down due to a bad update or if it is the provider internet just down again.

Hope someone with more knowledge than me can give some advice about a few things. I don't understand the implications of enabling certain things, or if the ASUS implementation is robust enough to rely upon.

Ran the security scan. My router login is 'admin' but I have a complex password. Is it important to also change the name? Are any of the other items no-brainers to turn on?

Should I enable the Trend Micro protection?

Should I enable DoS Protection? I know what this is, not sure why I have it turned off.

I'm using WPA2-Personal/AES. Is this adequate or should I consider Enterprise?

We currently have NordVPN for our devices although I'm not familiar with the advanced featues. Should I add it to the router?

Thanks for any input!

Well, security is in the eye of the beholder..
But, there are things you should change: Turn on AiProtection, disable WPS, turn off UPnP, change the "admin" user ID, Disable web access from WAN and make sure the firmware is up to date.
WPA2-Personal is OK unless you have a neighbor who is skilled enough to crack WPA2.
Some would say to not use the Trend Micro AiProtection. I run a web server behind my router with port forwarding enabled and AiProtect does catch the bad actors trying to hack the server.
But, in the end the choice to improve security is up to you....

 

[ColinTaylor]

Disable web access from WAN.

You can also disable WPS as it's rarely used. Everything else looks fine but you should keep the firmware up to date.

Whether you feel you want to enable AiProtection is up to you. Personally I don't use it.

If you're not technically minded don't run the VPN on the router, leave it on your devices.

 

[wahoowad]

Thanks. Doing all these right now.

I went to change the admin account name and it said I already have an account with the name I was planning to use. I do have this other user account in my password manager but I don't see a way in the admin screens to view/modify these other accounts? Probably right in front of my face but can someone tell me where to find it?

 

[wahoowad]

Ahh, OK I see. I have a couple accounts setup for USB access back when I played with remotely accessing some data. I don't bother with that so I think I should be able to delete those USB access accounts and then rename the admin account to the username I want to use.

 

[ColinTaylor]

You might have another user account setup for USB > Samba and/or FTP. Be aware that turning off UPnP may cause problems for some devices like Xbox/Playstaion multiplayer, remote camera access , etc.

 

[wahoowad]

Hmmm, nope. Can't find those USB access accounts I set up. Is there somewhere I should look?

 

[wahoowad]

You might have another user account setup for USB > Samba and/or FTP. Be aware that turning off UPnP may cause problems for some devices like Xbox/Playstaion multiplayer, remote camera access , etc.

Thanks, we don't do any of that here

 

[ColinTaylor]

Hmmm, nope. Can't find those USB access accounts I set up. Is there somewhere I should look?

Sorry, we posted at the same time so I'm unsure whether or not you solved your problem. My post was referring to USB Application > Servers Center > USB Application - Network Place (Samba) Share / Cloud Disk.

 

[wahoowad]

Interesting. It won't let me change the admin username. I have attempted to do it twice, each time it says I entered the wrong password. I logged out and back in to confirm I had the right password and I can log in with it. Seems like a bug?

 

[ColinTaylor]

Interesting. It won't let me change the admin username. I have attempted to do it twice, each time it says I entered the wrong password. I logged out and back in to confirm I had the right password and I can log in with it. Seems like a bug?

Yeah, I think this has been commented on before (possibly a bug in an old firmware). I wouldn't worry about. My username is also admin. Just as long as you have a sensible password for it and the rest is secure.

 

[wahoowad]

I did find the accounts in the USB Application area. Thanks! I deleted the old accounts except for one account that it just won't delete. It won't even let me select the account so the delete button doesn't activate.

 

[ColinTaylor]

Ah yes, this problem. Asus messed things up with the way this works.

There is always one account there, which is the admin account. Is "leslie" the new name of your admin account, or simply just wrong?

 

[wahoowad]

Ah yes, this problem. Asus messed things up with the way this works.

There is always one account there, which is the admin account. Is "leslie" the new name of your admin account, or simply just wrong?

That account was created a couple years for her to backup pictures to an attached USB device. We now just use the cloud no so no USB device connected. I can't select that count to delete it or view the settings. It just acts like text when I click on it.

There was an account named admin here too, I deleted it. Hope that wasn't wrong. I can still log in using the system admin account.

 

[ColinTaylor]

That account was created for her to backup pictures to an attached USB device. We just use the cloud no so no USB device connected. I can't select that count to delete it or view the settings. It just acts like text when I click on it.

There was an account named admin here too, I deleted it. Hope that wasn't wrong. I can still log in using the system admin account.

OK this is a problem that's been seen before. To try and fix it I suggest you do the following.

1. Enable SSH access to LAN in the router's GUI.
2. SSH into the router.
3. Run the following commands. The router will reboot.

nvram unset acc_list
nvram unset acc_webdavproxy
nvram commit
service reboot

 

[wahoowad]

I enabled SSH but it is recognizing me as my local PC domain user /domain/userd@192.168.1.1's password and not the admin password. How do I tell it I'm authenticating against the router admin account? I initiated via DOS cmd window ssh 192.168.1.1

 

[wahoowad]

well, that's not my local PC IP (thats the router) but it is still treating me as my laptop user

 

[ColinTaylor]

ssh admin@192.168.1.1

 

[wahoowad]

That did it. Thanks Colin!