Still think TP-LINK is a good option for a home router?

It's been brought up a few times, but this is what happens after a short time.
They are abandoned by the manufacturer with no patches for exploits and get turned into botnets.

https://arstechnica.com/information...ong-botnet-used-in-password-spraying-attacks/
https://therecord.media/tp-link-router-vulnerability-botnets
https://thehackernews.com/2023/06/new-condi-malware-hijacking-tp-link-wi.html
https://www.tripwire.com/state-of-security/patch-now-mirai-iot-botnet-exploiting-tp-link-routers


I'd suggest something that gets updates/patches. Unifi has introduced some lower cost options such as the Cloud Gateway Ultra for $129.
 
The moral of this story is practice good network hygiene. Keep your WiFi access points behind a firewall. Close all unneeded ports at the firewall. Use strong passwords. Change your passwords regularly. Stay up to date with patches on all network attached devices. Take multiple backups of your critical data and keep them offline.
 
The moral of this story is practice good network hygiene. Keep your WiFi access points behind a firewall. Close all unneeded ports at the firewall. Use strong passwords. Change your passwords regularly. Stay up to date with patches on all network attached devices. Take multiple backups of your critical data and keep them offline.
Right, but in this instance the exploited device IS the "firewall".

Microsoft didn’t advise how users of TP-Link routers and other affected devices can prevent or detect infections. Many experts in the past have noted that most such infected devices can’t survive a reboot because the malware can’t write to their storage. That means periodically rebooting can disinfect the device, although there’s likely nothing stopping reinfection at a later point.
 
The linked articles seem to single out just the one Archer model. Are there issues with other routers in the TP Link lineup?
The earlier articles do, but the new article from today references just one of the botnets, which is botnet-7777.
more info here
https://www.team-cymru.com/post/botnet-7777-are-you-betting-on-a-compromised-router

or here-- contains partial list..
https://www.bitsight.com/blog/7777-botnet-insights-multi-target-botnet

This is just one particular botnet.. there are many.
The moral of this story is practice good network hygiene. Keep your WiFi access points behind a firewall. Close all unneeded ports at the firewall. Use strong passwords. Change your passwords regularly. Stay up to date with patches on all network attached devices. Take multiple backups of your critical data and keep them offline.
Could you clarify how that relates to home Routers? Not much of that applies or is relevant to the topic of this thread.
 
It's been brought up a few times, but this is what happens after a short time.
They are abandoned by the manufacturer with no patches for exploits and get turned into botnets.

https://arstechnica.com/information...ong-botnet-used-in-password-spraying-attacks/
https://therecord.media/tp-link-router-vulnerability-botnets
https://thehackernews.com/2023/06/new-condi-malware-hijacking-tp-link-wi.html
https://www.tripwire.com/state-of-security/patch-now-mirai-iot-botnet-exploiting-tp-link-routers


I'd suggest something that gets updates/patches. Unifi has introduced some lower cost options such as the Cloud Gateway Ultra for $129.
On the last link, I'd argue businesses shouldn't be using TP-Link routers in the first place, this is consumer-grade stuff, there's no excuse to be using it at the business level with superior options at attainable price points readily available.
 
Right, but in this instance the exploited device IS the "firewall".
Could you clarify how that relates to home Routers? Not much of that applies or is relevant to the topic of this thread.
Relying on any consumer grade WiFi access point to provide all your network services while it's directly connected to the internet is not good network hygiene in my opinion. Even the enterprise level hardware providers can and do have security lapses from time to time.

I do understand configuring a separate firewall appliance or server is a lot to ask of Joe Sixpack.
 
Relying on any consumer grade WiFi access point to provide all your network services while it's directly connected to the internet is not good network hygiene in my opinion. Even the enterprise level hardware providers can and do have security lapses from time to time.

I do understand configuring a separate firewall appliance or server is a lot to ask of Joe Sixpack.
AIO devices are popular of course because of their convenience, which is why consumers tend to gravitate toward them, but many of them are also slung as being legit firewall solutions, when they are just a half-assed Busybox hack-together with a mostly usable UI slapped on top of it, which misleads consumers into the supposed capability of the device. Couple that with most of the firmware on these things being abandonware in a short period of time and it's not surprising that CRG's have become a popular target for malicious foreign actors in recent years. This is despite the opining on the subject by some who claim these actors wouldn't bother because Joe Homeowner isn't a "high value target". It does not take considerable resources to exploit these vulnerabilities, most of it is automated.
 
cheap alternative would be Unifi Express. AIO router, firewall, wifi 6 AP and network controller. can always add another POE ubiquiti AP in either hardwire or mesh to cover the entire house.
 
This is true for all internet connected devices that are end of life and unsupported...All the supported affected routers are already patched by TP-Link.

This has been a threat vector for decades and is why white hats hack old equipment with the intent to brick. Many people refuse to accept or do not know that networking equipment is a consumable.
 
This is true for all internet connected devices that are end of life and unsupported...All the supported affected routers are already patched by TP-Link.
What supported affected routers were patched? Not buying that blanket statement :)

cheap alternative would be Unifi Express. AIO router, firewall, wifi 6 AP and network controller. can always add another POE ubiquiti AP in either hardwire or mesh to cover the entire house.
The Express is a bit of a turd.
Express is very underpowered and won't run IDS/IPS.

The express in comparison to consumer level though.. it is a router that actually gets updates.

IMO: Way ahead of the game with a CGU and 1 or 2 waps.
 
What supported affected routers were patched? Not buying that blanket statement :)


The Express is a bit of a turd.
Express is very underpowered and won't run IDS/IPS.

The express in comparison to consumer level though.. it is a router that actually gets updates.

IMO: Way ahead of the game with a CGU and 1 or 2 waps.
i’ve been deploying the Ultras with a few AP’s and a POE switch for family. i have my uncles house to do next. 9500 sq/ft and a 12000 sq/ft shop.
3 U6 enterprises, UDM pro max, enterprise 48 POE and enterprise 24 POE. 2 U7 outdoors, one of which will serve as the inside the shop AP and for the office in the shop i’ll use a u6 lite. need to pull a fiber line between his shop and house to keep a steady uplink between the 48 and 24 port switches
 
cheap alternative would be Unifi Express. AIO router, firewall, wifi 6 AP and network controller. can always add another POE ubiquiti AP in either hardwire or mesh to cover the entire house.
Yep, Ubiquiti has really cornered the market on the prosumer and SMB space, stuff where Cisco's Meraki family of products really isn't cost-competitive as a cloud-managed alternative.

Their problem, as has been articulated by others in previous discussions on the subject, is often poorly skilled installers who really don't understand networking and use the price point to sell the brand but lack the skills to properly set it up.
 
Yep, Ubiquiti has really cornered the market on the prosumer and SMB space, stuff where Cisco's Meraki family of products really isn't cost-competitive as a cloud-managed alternative.

Their problem, as has been articulated by others in previous discussions on the subject, is often poorly skilled installers who really don't understand networking and use the price point to sell the brand but lack the skills to properly set it up.
Ubiquiti is very user friendly, I think that's part of their success. Someone with little to no skills in networking can follow a few YouTube videos and with some network pulls and equipment have an enterprise grade network at home.
 
Ubiquiti is very user friendly, I think that's part of their success. Someone with little to no skills in networking can follow a few YouTube videos and with some network pulls and equipment have an enterprise grade network at home.
Yes, though I would say "near enterprise" as the equipment isn't at the price point of Cisco/Juniper/Brocade/Palo Alto for a reason, but it's leagues better than what most people are using and is perfectly suited for the prosumer and SMB space.

Its ease of setup is absolutely a big part of their success and I always encourage folks on here to go that route when looking for an upgrade from something like the equipment being discussed in this thread.

My criticism is more around IT shops that are using it for that same reason and leveraging the price to get into jobs where their lack of knowledge is a danger to the customer and themselves. There was a member on here whose friend's business had exactly that experience: the shop couldn't get the equipment set up properly to replace the PFSense firewall they swapped out, not due to any limitations of the equipment itself but rather the limitations of their knowledge. This doesn't look good on the vendor or the equipment.

I'm currently using a UDM SE, Enterprise 24 port PoE (2.5Gbit on 12x of the ports) and an Enterprise AP at home that replaced some Cisco stuff I had bought on an NFR. At the price point, I was like, why not?
 