dd-wrt - does it include SPI or other firewall protection?

[WildHorse]

DD-WRT

as I a newbie understand it, this is a flash of router firmware to improve router hardware / software performance.

If I understand correctly, all that matters is that DD-WRT is installed, after which there's really no functional difference among brands and models of router hardware, except in their radio range when used in wireless mode. So might as well buy the cheapest hardware that'll run DD-WRT.

(a) Is that about right?

(b) Does DD-WRT include any firewall protection?

(c) Which firewall protections are needed? I see reference to SPI, MAC, WEP, and other abbreviations that I don't yet understand. Apparently SPI is the good one for home use, is that right?

Too darn many brands & models in the market. Confusing.

 

[n0cmonkey]

WEP isn't a firewall protection, it's for encryption. You want WPA or WPA2. MAC isn't really a firewall protection either, it just blocks MAC addresses. I don't generally use it since changing MAC addresses is trivially easy.

I'd check out their recommended devices page before settling on anything.

The page mentions a firewall script, so I'm guessing it uses iptables like most other linux distributions. IPTables is a Stateful Packet Inspector.

 

[JackMDS]

All Routers are Automatically Firewall that is the nature of the Routing it does not matter which firmware is used.

Cable/DSL Routers - NAT, Ports, SPI.

Bear in mind that though the same word Security is used to describe Secure Internet Connection and Secure Wireless from a Computer functioning perspective there is No relation between the two.
Wireless Security has Nothing to do with securing the Internet Connection.
Wireless is just a replacement for a Wire and thus can be intercepted by people in the neighborhood attaching them self to your Signal and use your LAN and your LAN's Internet Connection. To avoid Local Tapping there are Wireless Security measures. These measures are unique to the Wireless components, and have to be used even if there is No Internet Connection.

This page describes the basic principles of functional Wireless Security.

Wireless Security - http://www.ezlan.net/Wireless_Security.html

Currently the strongest Wireless Security is WPA + AES. DD-WRT would support it provided that the Wireless client card and the drivers support it as well.

As for Internet Security, Cable/DSL Router Hardware NAT and Firewall/AntiVirus/AntiSpy applications are the ones that protect the Internet connection from being invaded/infested, and preventing your LAN computers (Wired and Wireless) from transmitting out to the Internet privileged information.

Would should you do?

If you want to go for broke, buy the D-Link deal that you saw on buy.com

The best deal for the money is this, $39.99 and DD-WRT flushable.

http://www.newegg.com/Product/Product.asp?Item=N82E16833162173

You want to be Cool and spend a little more for being cool, buy this, $59.99 after rebate and DD-WRT flushable.http://www.newegg.com/Product/Product.asp?Item=N82E16833124190

I think that the Buffalo is as good as the Linksys, and cost $20 less. Some people here would not agree with me, which is OK, after we are not robots, and every one has his own opinion.

 

[WildHorse]

JackMDS,

Thank you for helping me learn about this!

Scott

 

[cmetz]

scott, (a) yes, (b) yes, (c) executive summary is that DD-WRT has a good level of firewall protection for a normal home user - an advanced user would want/need more.

 

[WildHorse]

Originally posted by: cmetz
scott, (a) yes, (b) yes, (c) executive summary is that DD-WRT has a good level of firewall protection for a normal home user - an advanced user would want/need more.

cmetz
Thank you!