Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router — and by extension, your network — is as secure as possible.
Most Popular Reviews
Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.
MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.
11/8/01 New firmware release version 2.40.2 should fix a number of problems, including DHCP assigning the same IP to multiple PCs, Zone Alarm support, and more. Download and check the ver.txt file for details.
4/2/01 Updated firmware info.
10/16/00 Added info on 30 day trial subscription to TZO.com's Dynamic DNS service and 20% TZO discount offer. TurboLinux demo CDs also included..
100Mbps, Link/Activity, Full/Collision for each of eight LAN ports
Link, Activity, Diag for the WAN port
One RJ45 10BaseT for the WAN
Eight RJ45 auto sensing 10/100BaseT LAN
printed User guide
CDRom with HTML setup guide, PDF copy of User guide, and more
one page Quick Installation Guide
TZO.com 30 day trial Demo CD
Turbo-Linux demo CD.
Hardware Reset switch
Uplink / Normal switch for LAN Port 8
If you like the other Linksys EtherFast routers, then you'll like this 8 port version. Attractively priced at $200, the BEFSR81 will give you pretty much the same routing experience as its less port-endowed siblings. You'll also get demo CDs for TZO.com's Dynamic DNS service and TurboLinux. But what about those SNMP and QoS logos on the box you ask? Keep readin' pilgrim...
A few things to watch out for...
This review is going to be a "QuickCheck", because the only thing new in the 81 is the number of ports and its QoS and SNMP features. If you want the details on what the Linksys products will do, hop on over to the 4 port router review, browse through the over 700 user Opinions, and be sure to visit the Help pages.
A word about firmware before I dig into the new features. My router came with version 1.34 firmware, which provides the same functions as the 1.34 firmware for the other Linksys routers. So, first thing I did was try to upgrade the router to the current release, 1.35, and got an unhelpful error message from the upgrade program. Checking with Linksys, I confirmed my suspicion that the '81 will not use the same firmware as the '11 and '41 routers. Instead it will have its own firmware series, numbered 2.XX. Linksys has posted a firmware file on their FTP site (file is named befsr81.zip), but it's just a copy of the existing 1.34 firmware.
I also found a problem with the Host Name handed out by the DHCP server. When I ran winipcfg, I'd see garbage characters in the Host Name field. The LAN client was able to access the Internet ok, but it probably wouldn't have if I were connected to @Home, where the Host name is an important part of client operation.
The icon on the box says "SNMP Management Now Supported", but you coulda fooled me! There's no mention in the User Guide that I received and Linksys was unable to locate a manual that described the SNMP features either. After some discussion with Linksys and my own poking around, here's where the SNMP features of the 81 stand:
Linksys is supplying no documentation on the 81's SNMP features
Linksys is not shipping the 81 with a MIB (Management Information Bases) table
Linksys is not supplying or recommending a MIB Browser or SNMP management tool.
I tried a couple of free SNMP management programs and viewers, and got the most information from the MIB-2 Viewer that is part of the Accton AccView suite. But I was flying blind, and maybe users familiar with wrasslin' with SNMP will have better luck.
Bottom Line: The functionality is there, but of limited use without documentation and the MIB file.
Although the SNMP features probably won't be interesting except to users with large, managed networks, the QoS (Quality of Service) features will draw more attention.
At first glance, it looks like you can control which port(s) or which application(s) gets first crack at the available bandwidth from your ISP. Unfortunately, that's not the case.
After a few Q&A go-arounds with folks at Linksys, though, here's what it looks like the QoS features can really do:
The Port-based QoS features apply to the LAN side only, and only to ports 1 through 4. This feature can let you determine who can hog bandwidth on LAN-port-to-LAN-port transfers. This feature doesn't pay attention to, or modify any data packets. It works by controlling the data buffers on the selected ports.
(Think of this like adjusting a valve. Doesn't matter what's flowing through the pipe... the valve lets you adjust the flow.)
The Application-based QoS (ToS [Type of Service]) features apply to all ports on the router including the WAN port. But since this feature works by setting ToS bits in the IP frame header, it will only work with devices that pay attention to the ToS bits.
(Think of this like stamping each data packet with that ink that glows when you shine a "black light" on it (like when you go to a club). Most people won't see the stamp...only the person at the door with the black light will see the stamp and know what to do with you! )
The 81's LAN ports know how to handle the ToS-flagged bits, so if you have local servers, you'll be able to prioritize traffic. But unless your ISP supports QoS/ToS (does anyone?), you won't be able to use this feature to parcel out bandwidth by application type for Internet traffic.
Bottom Line: Of limited use for most users. Will probably cause more calls to Linksys Tech Support than the feature is worth.
No problems in this department. Here are the results
All numbers are in Mbits per second (Mbps). (Details of how we tested can be found here.)
Since I've started to use netIQ's (formerly Ganymede) free QCheck utilityfor my wireless speed tests, I thought I'd give it a shot. The results are included below
Response Time (ping)
TCP Throughput (1MByte file transfer)
UDP Streaming (1Mbps rate 10 sec duration)
0% Data Loss
13% Data Loss
The TCP Throughput numbers tend to run higher than my throughput test because QCheck doesn't include protocol overhead, transfer startup, transfer shutdown and other similar things in their number. The UDP Streaming results are very good compared to other routers that I've checked, indicating good packet handling speed.
I suspect that this product may cause Linksys more trouble than they bargained for. SNMP and QoS are features that are tricky enough to understand when you have good documentation. But to put them in a product aimed at the consumer market with virtually no documentation is asking for your Tech Support line (and your Support reputation) to get hammered!
Buy it if the price is right and you can live with the Linksys feature set and problem list. Don't buy it for either the QoS or SNMP features unless you're prepared to go it alone.