I’ve been asked a few times now for my recommended DD-WRT settings, or at least my good-enough settings. I think that’s a great idea, so I’ll walk through how I configure a DD-WRT router. Follow these steps and I can almost guarantee you’ll have the most secure network on your block.
For the purposes of this tutorial, I am going to assume you are configuring DD-WRT as your primary router.
I’ve long recommended hard-coding your DNS settings as a performance and reliability enhancement–here’s my guide for that–but it turns out it can be a security enhancement too.
Botnets targetting routers aren’t new at all, but there’s a particularly nasty one named Moose running around right now. Among other things, it changes routers’ DNS settings to point to rogue DNS servers that allow the attackers to steal your social media credentials, furthering the bot. Read more
I scan the network I’m paid and sworn to protect on a nearly daily basis. I experienced a problem with the account I use for that, and I tested by scanning a small quantity of machines (my own and my cubicle neighbor’s) with my own account to make sure the problem was the account, not the tool.
Fixing the account has become a problem–my boss’ problem now–but when I told him about it, I said I could scan the network with my personal admin account, but didn’t want to. One reason has to do with liability and HR. The other, believe it or not, is technical.
I read a story last week about an insanely fast router that can run at up to 5.3 gigabits, far faster than even the crazy-fast gigabit Internet service that only a lucky few people are able to get. The article questioned what anyone would do with it.
Think beyond network speeds, though, and there’s a lot you can do with that power.
“Oh, so you think you’re Mr. Genius Man,” the crackly voice said, drowned out by static caused by his cheap VOIP connection. “Enjoy your broken computer, Mr. Genius Man. Goodbye, Mr. Genius Man.”
So ended 23 minutes of my life that I’ll never get back, but I figure it’s 23 minutes he wasn’t spending scamming someone else. I don’t do it often, but my kids were playing nicely and we were all in the same room, so I guess I don’t regret it too much. Read more
I’ve been noticing a lot of slowness that I’ve traced to DNS issues lately, typically with the caching DNS in routers. It happened to me, and it happened to my mom. We have different routers from different manufacturers, and they probably even use different embedded operating systems. Hers almost assuredly runs Linux; I have an oddball one that runs FreeBSD.
But the caching nameservers aren’t working well lately. I haven’t investigated why just yet. The solution I found was to hard-code the DNS settings on all my computers rather than letting them pull it from DHCP (my oddball router won’t let me specify external DNSs to use–lovely). Be sure to pick the best ones for your network.
Making that simple change fixed my mom’s dog-slow computer, and fixed my unreliable one.