Tuesday, February 12, 2013

Why can't I find a highly rated gigabit wireless router that disables wireless administration?

I've used Linksys routers for quite some time.  After spending a good five years going through Netgear routers like toilet paper in the early 2000's, Linksys saved my sanity with the bullet proof WRT54G.

One of the best, yet potentially overlooked, features of that router (as well as other Linksys routers) is the ability to turn off wireless administration.

After all, why would I want someone to be able to do this?  The biggest issue with wireless access is locking it down; hence WPA2, MAC filtering, etc.  If it's a vulnerability that doesn't involve someone having physical access to your home, then why would I want to bet the house on red and allow settings to be changed?  I like my DNS settings just as they are, thank you.

From what I can gather, Linksys and I are the only people who seem to share awareness of this issue and the feature that prevents it.

My current router (a Linksys e1200) has been functioning just fine, but I want to update my network to gigabit ethernet.  That said, finding a router with favorable ratings and the ability to disable wireless administration is proving fruitless.

So far, I've tried:

  • Apple Airport Extreme: solid as solid gets in terms of hardware; very fast, excellent UI, very responsive, but no lockdown of wireless administration.  Even more disturbing was the Airport Utility's ability to maintain a session for administering the router that didn't expire, or at least didn't appear to.  I asked about this feature on the Apple discussion board, and was largely disregarded as a tinfoil hat wearing clown.  If Apple fixes this issue, I'll buy one the day it's fixed.
  • D-Link DIR-655: I tried this one last summer, and I can't remember all of the details of my experience.  The only thing that stands out in my mind was that I was laughing out loud at the firmware when I was trying to configure it.  Perhaps I should give it another try given that it has largely positive feedback.  I don't know if you can lock down the wireless admin setting though.
  • Asus RT-N66U (and RT-N66R): I have the R; the U and R are functionally equivalent except one is sold in brick and mortar stores and the other online only.  The firmware is pretty decent overall; considerably more responsive than that of the Linksys when using SSL.  However, I still can't block wireless admin.  It does let me set what port the router listens to for admin, so I'd be content if I could block wireless clients from hitting certain ports, but alas this option doesn't exist.  Admittedly, I haven't tried it out yet, so I can't attest to how good of a router it is in general.
That said, I haven't tried:
  • Linksys E4200: I have a feeling this has the setting I want, but it really seems to draw the ire of online review writers everywhere.  That said, it appears to have been succeeded by the...
  • Linksys EA4500: yet another Linksys product that is drawing some serious negative attention.  I generally consider anything that has over 50 reviews and a score below 4 stars to be of mediocre quality, and generally unacceptable for a mission critical device like a router.  This is managing 3 to 3.5 star reviews on both Amazon and Newegg (though the crowd on Best Buy appears to be happy), with issues ranging from constant connectivity issues requiring reboots, to outright failures within a few months.  Also, it sounds like the GUI was updated, so who knows if my precious wifi admin banhammer still exists.
I'm open to suggestions from others for routers I should try or avoid.  I'm a self confessed pedant and elitist when it comes to consumer electronics (which is likely evident from the above post), so don't be offended if I end up not being a fan.

3 comments:

  1. This comment has been removed by the author.

    ReplyDelete
  2. Have you checked out dd-wrt? If the hardware is supported, then you don't need to worry about the manufacturer's idea of good software.

    ReplyDelete
    Replies
    1. I've looked at it before. I think I installed in on my current router but it had some bizarre issue related to the dual band radios. If I remember correctly I couldn't name the two networks the same. That may be wrong, but it was a surprisingly big gap in dual band support.

      It does look like you can install it on the Asus RT-N66U, but the install looks a bit sketchier than it is with other models where it's just a simple flash: http://www.dd-wrt.com/wiki/index.php/Asus_RT-N66U

      I'm on the fence as to whether or not I want to mess around with DD-WRT on this particular model.

      Delete