Posted: Mon Jun 12, 2017 15:10 Post subject: Newbie seeking for directions: DD-WRT, LEDE, or else? Why?
Hi there!
While trying to get a grasp on the various community embedded router OSes (or firmwares?), this is what I have found on Hacker News and other discussions (by all means, correct me if I'm wrong!): OpenWRT was the original, then recently the whole OpenWRT project got to reinvent itself as LEDE for some reason, but hasn't shipped anything final yet under the LEDE name. DD-WRT added a layer and GUI over OpenWRT(?) as I read. Some commercial offering also ship with DD-WRT as default firmware. Now, this may be debated, but which of the two was/is the more beginner and user friendly, and which one is aimed at more advanced or power users in general? OpenWrt or DD-WRT?
How much is the DD-WRT project alive, from 1-100%? What it is based on these days? (Thinking of the OpenWRT > LEDE story.) I'm asking because:
- I just got my hands on an old router with some version of DD-WRT already flashed on it, tried to follow the instructions on the Wiki to feel more in control of the device, found the relevant links dead... but that's for another story.
- In the confirmation email for my registration your bot sent me back my password in plain text. You store user passwords for this forum in plain text. I find it a little... sketchy for a community of security conscious people who'd flash a custom firmware onto their routers.
My two small concerns. First, I'd just to want to get a feel for the whole story and community, and find out if this is my place. On the newbie level to power user scale, I'm on the newbie side. Thanks!
DDWRT is DDWRT, is not based on anything. They used OpenWRT kernel more than a decade ago and from there it's a complete new story. About how alive it is, you can check forum sections Atheros, Broadcom and others and check the new build threads, also you can see code commits here http://svn.dd-wrt.com
Probably the weakness of ddwrt is documentation/forum, where it is outdated, not well organised and hard to find, the forum framework sucks and it's really old, etc, but it's understandable since there are only 2 developers from what I'm aware of. So I actually don't care about the password on the forum, ddwrt firmwares are really good and I prefer that than a nice forum layout.
About user friendly, well I wouldn't give the router to be configured by my mom or dad, other than that if you can find your way to resolve your doubts on the forum/google then it's pretty easy to setup, for the basic stuff of course. _________________ R6400v2 (boardID:30) - Kong 36480 running since 03/09/18 - (AP - DNSMasq - AdBlocking - QoS) R7800 - BS 31924 running since 05/26/17 - (AP - OpenVPN Client - DNSMasq - AdBlocking - QoS) R7000 - BS 30771 running since 12/16/16 - (AP - NAS - FTP - SMB - OpenVPN Server - Transmission - DDNS - DNSMasq - AdBlocking - QoS) R6250 - BS 29193 running since 03/20/16 - (AP - NAS - FTP - SMB - DNSMasq - AdBlocking)
OK, this is the DD-WRT community, and with respect what the project stands for, perhaps what other projects do you have in mind I might be interested in checking out, for my current router (Linksys WRT160N) to start with?
You mentioned documentation is not the strength of the project, which is a pity. As a newbie, I might be interested in a project with a solid documentation I thought I could learn more from than Googling and foruming in circles.
Netzwerk wrote:
- I just got my hands on an old router with some version of DD-WRT already flashed on it, tried to follow the instructions on the Wiki to feel more in control of the device, found the relevant links dead... but that's for another story.
Nonetheless, I try to make my way through this.
I see nothing wrong with the forum layout per se. phpBB is pretty capable.
OK, this is the DD-WRT community, and with respect what the project stands for, perhaps what other projects do you have in mind I might be interested in checking out, for my current router (Linksys WRT160N) to start with?
You mentioned documentation is not the strength of the project, which is a pity. As a newbie, I might be interested in a project with a solid documentation I thought I could learn more from than Googling and foruming in circles.
Netzwerk wrote:
- I just got my hands on an old router with some version of DD-WRT already flashed on it, tried to follow the instructions on the Wiki to feel more in control of the device, found the relevant links dead... but that's for another story.
Nonetheless, I try to make my way through this.
I see nothing wrong with the forum layout per se. phpBB is pretty capable.
What router version have you got?
And no, this phpBB version is ancient history nowadays. _________________ R6400v2 (boardID:30) - Kong 36480 running since 03/09/18 - (AP - DNSMasq - AdBlocking - QoS) R7800 - BS 31924 running since 05/26/17 - (AP - OpenVPN Client - DNSMasq - AdBlocking - QoS) R7000 - BS 30771 running since 12/16/16 - (AP - NAS - FTP - SMB - OpenVPN Server - Transmission - DDNS - DNSMasq - AdBlocking - QoS) R6250 - BS 29193 running since 03/20/16 - (AP - NAS - FTP - SMB - DNSMasq - AdBlocking)
OK, @Xeon2k8 asks me in #4 of this thread which router model I exactly got. I answer him in #5... and he seems to keep me hanging ever since. ;( (See the story as it develops in #2 and #3.)
Sure, I understand it's a volunteer community and who knows?
He may have a family emergency (I hope not) or some other important thing to do.
LOL, sorry m8. I've been reading about the 160n on the forum and it seems all posted links are dead by now. You *COULD* try with this build which I think is the most similar to the one on the guide but it's totally up to you...
ftp://ftp.dd-wrt.com/betas/2010/01-16-10-r13637/broadcom_K26/dd-wrt.v24-13637_NEWD-2_K2.6_mini.bin _________________ R6400v2 (boardID:30) - Kong 36480 running since 03/09/18 - (AP - DNSMasq - AdBlocking - QoS) R7800 - BS 31924 running since 05/26/17 - (AP - OpenVPN Client - DNSMasq - AdBlocking - QoS) R7000 - BS 30771 running since 12/16/16 - (AP - NAS - FTP - SMB - OpenVPN Server - Transmission - DDNS - DNSMasq - AdBlocking - QoS) R6250 - BS 29193 running since 03/20/16 - (AP - NAS - FTP - SMB - DNSMasq - AdBlocking)
Posted: Fri Jul 07, 2017 15:31 Post subject: Re: Newbie seeking for directions: DD-WRT, LEDE, or else? Wh
Netzwerk wrote:
Which of the two was/is the more beginner and user friendly, and which one is aimed at more advanced or power users in general?
Devices with limited storage may not be able to accept newer firmwares (or the firmware may not have all of the features you need). OpenWRT addresses this problem by allowing you to customize the feature set using installable extensions (just like a browser or free OS with a built in package manager.) At the present time, this is the only advantage of OpenWRT since the firmware and GUI are both quite buggy and outdated. However, I am optimistic about the LEDE fork.* At this point DD-WRT is more stable than OpenWRT and the beta versions have a good feature set but (like OpenWRT) it lacks essential modern security features like DNScrypt, DNSSEC and wired client isolation. Tomato has the best performance and security, but may not support your hardware. Advanced Tomato adds a more polished user interface. When I want to replace the factory firmware on a SOHO router, my current preference order is:
How much is the DD-WRT project alive, from 1-100%?
It is 100% alive and updates are published routinely - but without DNS security features, connections can be hijacked by a man in the middle (and this is actively being exploited by state actors.) Without wired client isolation, untrusted devices on your LAN could be snooping or hacking your network. (Yes there are real world examples. Even mainstream IoT devices like Roku are collecting data from other machines on your network.)
tried to follow the instructions on the Wiki to feel more in control of the device, found the relevant links dead...
And they make it almost impossible for new users to find current builds, for no logical reason. Frankly, some of the best documentation for DD-WRT is not found on this site.
In the confirmation email for my registration your bot sent me back my password in plain text. You store user passwords for this forum in plain text. I find it a little... sketchy for a community of security conscious people who'd flash a custom firmware onto their routers.
And that's just the tip of the iceberg. The web server defaults to an insecure, unencrypted connection which is vulnerable to snooping and MITM script injection - and the admins have ignored complaints about it. The firmware downloads are not delivered over a secure channel and no hash or CRC check is available to verify the integrity. Automatic firmware updates (or update alerts) are also not possible. If the developers do not care about security on their web site, why would they care about security on your router? Youre damn right thats cause for concern: in just about every place where they faced a security decision, the owner of this web site chose to implement the LEAST secure method. This is exactly what you would do if you secretly worked for the gestapo.
Udo Ulfkotte, a former editor of Frankfurter Allgemeine Zeitung, one of the largest newspapers in Germany, admits he worked for the CIA. “I’ve been a journalist for about 25 years, and I’ve been educated to lie, to betray, and not to tell the truth to the public.” The CIA currently maintains a network of several hundred foreign individuals around the world who provide intelligence.
I'd just want to get a feel for the whole story and community, and find out if this is my place.
If you want to learn on your own, there is no point in being chained to any particular place or any particular firmware. And what you will end up using is highly dependent on the hardware. Your first concern should be securing your primary router. If the device will run a current build of Tomato, I strongly recommend it. As the other firmwares improve, so will my opinion of them. You could also purchase a device from pfSense.org which includes tech support - but dont expect tutoring from anyone for anything. As we say, Google is your friend.