Why You Should Consider Using a DD-WRT Router

Wi-Fi Security

DD-WRT is third-party firmware designed to upgrade and enhance the functionality of OE wireless internet routers by replacing the router’s original, integrated firmware. The big question is, “Why would you want to replace the original firmware?”

The problem with the original firmware is that router manufacturers often intentionally limit their product’s full capabilities. The limitations are designed into the preinstalled firmware. DD-WRT does not impose those limitations, allowing your router to become powerful enough to rival those used in enterprise IT environments. Using a DD-WRT router unleashes a variety of ways to realize enhanced performance and functionality. Even better, it doesn’t cost you a dime.

Benefits of Using DD-WRT

It’s one thing to have expanded power, but the real benefits are derived from knowing how to harness it for your benefit.

If we were to list all the benefits you can enjoy from using DD-WRT, the list would be longer – much longer than we have space or time to list here. So, is a short list of what we consider the top features and benefits of DD-WRT:

  1. IPv6 support. With IPv4 addresses becoming increasingly scarce, you’ll appreciate DD-WRT’s built-in IPv6 support.
  2. Advanced Quality of Service controls are available on some DD-WRT builds.
  3. A highly configurable and very powerful firewall that is based on iptables firewall construction. You can easily edit the iptables firewall via DD-WRT’s interface.
  4. DNS controls such as DNSmasq, which allows simplified DNS configuration behind the firewall and makes host-name lookup faster. You also get support for DNS providers such as No-IP, TZo, DynDNS and others.
  5. The access point is visible only to your wireless clients, preventing inadvertently giving access to each client’s shared files.
  6. Easy access to multiple source access-control solutions such as WiFiDog, HotSpot System, ChilliSpot and others.
  7. Extensions, extensions, and more extensions. You can add functionality far beyond the original limitations of the router, such as external USB connectors.
  8. DD-WRT plays well with VPN. Instead of configuring each of your devices to connect to a VPN (*ahem* Ghost Path) you can configure the router itself to connect over VPN, protecting all devices on your network.

The best thing is that DD-WRT is FREE! Well, at least for now.

Securing Your Entire Home

Because your home network gains the power of an enterprise-level router, you also get better security. No more neighbors stealing your Wi-Fi connection!

For one, DD-WRT ignores unrequested packets that go through your WAN port, making it difficult for a hacker to even know that you have a network there. It even provides better protection against Trojans, which do not pass through your Internet connection, hence, bypassing your firewall.

You gain a range of security protocols to make your Wi-Fi secure. There’s WPA that even supports RADIUS, there’s TKIP, AES and a combination of both. There’s WPA2 and WEP. You can choose the safest options: WPA + AES, WPA + TKIP + AES. Or, if you are feeling generous, you can disable these protocols and give Wi-Fi access to those who can see your network. Setting up security for your DD-WRT router is very easy, using its Web-based interface.

Again, DD-WRT’s built-in VPN connectivity allows you to automatically send all your network traffic over the VPN, greatly increasing security.

Need to Know

There are some things that you should know before trying, installing and using DD-WRT firmware for your router. First, using DD-WRT invalidates the manufacturer’s warranty support for your router. This is no different than what typically happens when you make performance-enhancing changes to your car. You will not be able to call Linksys, D-Link, NETGEAR, and others, if something were to go wrong with your router. Be sure to research the ramifications as well as the benefits before you modify your stock firmware with DD-WRT.

Second, it is entirely possible that your router will be bricked, turning it into a lovely paperweight. As with modifying anything, there is always the potential for suffering other unintended consequences. So, again, do your homework and weigh the risks before installing DD-WRT.

Third, manufacturers aim to make it easier for non-technical users (un-geeks and anyone over 55) to tinker with and install their routers.

The grass may be greener on the DD-WRT side of the fence. Just be cautious when scaling the top of the fence and be especially careful of what you land in.

Analyzing the 1000 Most Common Wi-Fi Network Names

Wi-Fi SSID

I recently came across a list of the 1000 most commonly used SSID’s and thought it would be fun take a quick look at it. If you didn’t already know, SSID is the technical term for the name of your wireless network.

Here are some of the most interesting things I gleaned from the list. The percentages below represent how often the SSID shows up in the total list of SSID names survey, not just the top 1000 SSID’s.

  1. No name, or a hidden name, is really popular. Over 2.3% of the SSID’s examined had no name, a hidden name, or something similar.
  2. Routers that come with a predefined network are popular. AT&T’s Uverse routers are a good example and come with a pre-defined wireless network that includes a name like “2WIRE199”.
  3. Netgear also sells routers that come with predefined network names. “NETGEAR00” through “NETGEAR99” are all names that make it into the top 1000.
  4. “default” (0.6%) and “home” (0.3%) are used quite commonly
  5. Hotels, such as “Marriott_Guest” (0.01%), “Hyatt” (0.01%), “hhonors” (0.06%), and “laQuinta” (0.01%) make the top 1000.
  6. Among SSID’s named after people, “Alex”, “David”, “Mike”, and “John” lead the way.
  7. My personal favorites from the top 1000: “pretty fly for a wifi”, “skynet”. “boobs” was not in the top 1000, sadly.

Why You Shouldn’t Be Using a Common SSID

If I can find a list of the 1000 most commonly used network names then I know that the bad guys can too. Most of the time people allow network names to be broadcasted from the router, but a higher-security option is to not broadcast the name and require that users connecting be able to specify the network’s name and key. If you don’t broadcast your SSID then you certainly wouldn’t want to compromise that bit of security by using a frequently used SSID.

Now, let’s talk about Uverse for a second. People know how Uverse routers are setup generally. They know the number of characters in the network key and the character-set. Knowing these details makes it fairly easy to brute-force guess the network key. I believe that Uverse routers use only numeric characters in the network key… how much simpler could it get? If you use Uverse at home then you should immediately change your SSID and network key away from the defaults. It’s not hard to do and will greatly increase your security at home.

Photo Credit: woodleywonderworks via Compfight cc