Last year I bought my mother in law a D-Link router, an oddball DIR-615 revision E1 that was only sold at a few stores. It was supposed to be a Fry’s exclusive, but I bought hers at Micro Center. It worked for a while, then gave her trouble, so this year I was working with it again, and when I was setting it up, I noticed it had some security vulnerabilities–remote code execution, UPnP vulnerabilities, and who knows what else. So that got me some practice upgrading a D-Link DIR-615 to DD-WRT.
DD-WRT’s track record and attitude towards security research could be better, but I’d rather trust my mother in law to DD-WRT’s B+ security than D-Link’s F.
The problem is finding the appropriate build of DD-WRT.
Navigate to the DD-WRT download site, scroll to the end, and click on the most recent date. New builds appear about once a week on average, so that’s why I don’t provide a direct link. Scroll down to whatever variant of the DIR-615 you have, and download it.
I downloaded the factory-to-dd-wrt.bin image for first installation. You need this for the initial upgrade to DD-WRT; for upgrading from DD-WRT to a newer DD-WRT, you need the second image, which is a bit smaller.
Then I plugged in straight to the router and navigated to http://192.168.0.1 and logged in. Then I navigated to Tools, then Firmware, clicked the Browse button, navigated to the .bin file I downloaded from DD-WRT, and clicked upload. It didn’t work with IE, so I had to use Firefox.
The page warned it would take 120 seconds. Lights flashed on the router from time to time to indicate it was doing something. Then it attempted to reload a now-non-existent firmware_upgrade.cgi.
I needed to reconnect, but I needed to know where to reconnect. So from a command line I ran ipconfig and saw that my IP address had changed to the 192.168.1.x range. So I pointed my browser at http://192.168.1.1 and saw a DD-WRT page prompting me to change the admin password. Good. I did that, then proceeded to configure the router.
Critically, I set the wireless security settings to WPA2 personal, and AES for the WPA algorithm. I have more recommendations for setting DD-WRT up securely if you’re interested.
WPS was off by default, which was good. Being able to disable WPS was the single thing D-Link got right. But it’s even better to force you to turn it on.
Everything was great, except when I tried to connect to the web, nothing worked.
The ISP had her on a 192.168.1.x network upstream, which is fine, but it means you can’t have a 192.168.1.x network locally. I was making the poor router run in circles trying to get to Google. I always recommend moving off 192.168.0.x or 192.168.1.x, and this reinforces that.
The other issue I found is that the wired port indicators don’t work anymore. That’s more of an annoyance than anything.
So, as you can see, DD-WRT requires some serious configuration to get working. It’s not something you can just plug in and run with. So the best advice I can give, if you’re not an IT pro, is to note how your router was set up beforehand, especially its network settings. Then after upgrading, set up DD-WRT to match it as closely as possible. That will give you fewer problems in the end. If you are an IT pro, setting up DD-WRT is a good way to get a little bit of practice.
But the best thing: it allowed me to put year-old hardware that was never safe to use in the first place back to good use, save money, and keep perfectly functional hardware in use rather than having to send it to a recycler. That’s good.