
DD-WRT, I Know Where You Live - r11t
http://www.devttys0.com/2010/12/dd-wrt-i-know-where-you-live/
======
frou_dh
DD-WRT seemed decidedly "bloated" after I found out about Tomato. Maybe that
is unfair or ignorant on my part, but do check out Tomato if you are
considering DD-WRT.

<http://www.polarcloud.com/tomato>

~~~
djacobs
Why are the only routers supported using 802.11G? I got one of the Buffalo
300N routers and was looking forward to trying this instead of DD-WRT.

~~~
nuclear_eclipse
I assume it's because the developers of Tomato don't have any of the newer
routers to attempt supporting them. There are a few other options for the
G300NH, including OpenWRT, but I've just decided to stick with DD-WRT because
it seems to have the best overall feature set.

------
Pent
So by visiting his blog we are essentially letting him use rebind on our
connections? ;)

------
jpcx01
Some background here would be really nice (for us non device hackers). Who
exactly would have DD-WRT on their routers? Is it something you have to
install manually?

edit: i should have googled before asking :-). Apparently it's a custom
firmware for linksys routers. Looks like you have to go through a lot of
trouble to get it installed, so I'm sure the overall userbase is pretty small.

~~~
reeses
There was enough demand that Linksys created models just for this purpose (the
WRT54GL and friends).

It's an easy upgrade for a technical person. Download custom firmware, upload
to router, reboot. The same people who would upgrade their own firmware from
Linksys can install dd-wrt, Tomato, hyperwrt, etc. Admittedly, that's a small
slice of the population but a large number of people.

~~~
jimmyjim
For what purpose exactly would you want to put custom firmware on it? Why
isn't the stock firmware good enough? I've a WRT54G router -- do I have any
good reason to use any custom firmware?

I'm guessing it's just for hobbyists -- "just for the fun of it" kind of
thing?

~~~
potatolicious
Older WRT54G's handled BitTorrent traffic terribly. The router will go and
kill itself once every 15 minutes or so, necessitating a power cycle. In fact,
power cycling the router became a normal part of its use.

DD-WRT (and Tomato) were very, very good solutions to this. Still are - there
are still a number of popular routers out there where the stock firmware will
choke on BT.

~~~
pyre
Once the number of connections through the router reaches a certain point (in
relation to BitTorrent traffic usually), the total d/l bandwidth (on any
protocol) through the router dropped to ~30kB/s, in my experience. This is how
I knew that it was time to power-cycle the router. Then all of the sudden all
of my connections were flying again.

------
jberryman
For those not familiar with the whole router firmware hacking thing, here is
the backstory

[http://www.wi-
fiplanet.com/tutorials/article.php/3562391/The...](http://www.wi-
fiplanet.com/tutorials/article.php/3562391/The-Open-Source-WRT54G-Story.htm)

Also in addition to DD-wrt there is openwrt which I've got running on my
router, and probably a number of others.

------
jared314
"Info Page" setting he talks about is:

Administration tab > Management sub-tab > Web Access section > "Enable Info
Site"

------
blinkingled
My SVN build of DD-WRT has a "No DNS Rebind" setting defaulting to true. Not
sure if this prevents the attack - couldn't find easy steps to reproduce in
order to verify.

------
djacobs
Is there a solution to this yet? He says it affects you whether or not you
have the info page enabled.

~~~
EastSmith
The solution is to password protect the info page. I also checked if there is
new firmware. Also, on my Buffalo I just set up SSH and stopped httpd. Didn't
know how to do it, so I read here [http://www.dd-
wrt.com/wiki/index.php/Telnet/SSH_and_the_comm...](http://www.dd-
wrt.com/wiki/index.php/Telnet/SSH_and_the_command_line) and here
<http://www.howtoforge.com/ssh_key_based_logins_putty>

------
ck2
I wonder if Tomato is affected.

I randomize the two mac addresses weekly anyway.

~~~
jedsmith
> I randomize the two mac addresses weekly anyway.

Why?

~~~
ck2
Paranoia.

It's also a guaranteed way to get a new external IP assigned, even when
renewing your DHCP lease fails to.

~~~
newman314
Do you have a script to do this or do you do it manually?

~~~
ck2
Manually.

I wish I could tell it to randomize when I shutdown but that would be pretty
difficult to accomplish.

I wonder if I could make Tomato randomize them on startup (I power the router
down nightly).

