Looking for router firmware alternatives

Thursday, June 11. 2009, 14:16
A couple of projects exist for alternative router firmware. I used to work with Buffalo routers combined with DD-WRT.

DD-WRT has now become quite unusable for two reasons. First, a Cross-Site Request Forgery (CSRF) vulnerability was reported on Bugtraq a while back, and one of the DD-WRT developers answered in a way that clearly showed he doesn't really understand what CSRF is - so from a security point of view alone, DD-WRT seems to be a no-go.

Besides, DD-WRT development is more or less stale at the moment - there are commercial spin-offs, and there's been some controversy over whether everything they did was compliant with the GPL. The fact is that there have been no new releases for several months - with open security bugs.

Now I've been looking for alternatives. What I'm looking for should be
  • a ready-to-use router firmware with easy web-interface configuration from the start, not something like OpenWRT
  • free software
  • obviously, a project that handles security reports in a sane way

For now, Gargoyle is the only suitable one. It doesn't officially support my hardware, but it works anyway. I haven't looked deeper into it (e.g. didn't do any security analysis myself), but it seems to do the basic tasks. If you have suggestions for other projects, please leave a comment.

Comments

what about tomato => http://www.polarcloud.com/tomato
#1 mijenix on 2009-06-11 15:16 (Reply)
Tomato is not free software.
#1.1 Hanno (Link) on 2009-06-11 15:32 (Reply)
Another vote for tomato
#2 gregf on 2009-06-11 15:28 (Reply)
Yep, Tomato seems like a perfect match for your needs. :)
#3 Daniel on 2009-06-11 15:31 (Reply)
"Tomato is based on the GPL sourcecode released by Linksys, but includes proprietary binary modules from the chipset manufacturer Broadcom." (Wikipedia) ... evil Broadcom!

Gargoyle is indeed ok, but you surely are missing a lot of options compared to tomato.
#4 franky on 2009-06-11 17:18 (Reply)
According to Wikipedia, the frontend is also proprietary, not only the driver. Is Wikipedia wrong on that?
#4.1 Hanno (Link) on 2009-06-11 19:54 (Reply)
If you don't have anything against OpenWRT, I'd suggest X-WRT. It's a nice web frontend tacked on.
#5 Steve Dibb (Link) on 2009-06-11 19:01 (Reply)
Hi, I'm the author of Gargoyle. Thanks for the post referencing my software!

Regarding security and CSRF attacks mentioned above -- this vulnerability was fixed in Gargoyle very recently. Beta5 and prior are vulnerable, while users of the latest bleeding-edge firmware (and future releases) are not.

Also, to the best of my knowledge X-Wrt is vulnerable to CSRF attacks, while the newer LuCI interface, which is now the default with OpenWrt, is not. However, last time I checked LuCI doesn't support https, which is a problem.
#6 Eric (Link) on 2009-06-12 21:40 (Reply)
It is really disappointing that tomato isn't freeware...
It is helpful anymore....
#7 Uwe (Link) on 2009-06-24 15:54 (Reply)
Yeah, I think so too, tomato should be freeware!
#8 Torsten (Link) on 2009-06-30 11:03 (Reply)
