Goodday Developers i just want to recommend to you guys. i used openwrt For 2 Years and i happy on that because it is customizable i just want a new features that openwrt be secured. Iknow that openwrt is hardened and secured by default right? but not always by adding this, openwrt it became perfect. i mean perfectly secured by default
first DNSCrypt i just want to recomment this package becaused it used Dns Over HTTPs and it help me prevent DNS Cache Poisoning ETC. second Arp Spoofing guys the openwrt doesnt have this features, in DD-WRT They have it to protect users from NETCUT, BTW I suffer from script kiddies who used netcut. so it help to prevent it, 3rd The DNS. On 2years i used openwrt i nottice that it have openwrts this: 53 80 443 i manage to closed port 80,443 by creating guest wifi my only problem is port 53 i cant blocked it. it is still open and open to attack, and my wifi users discoverd that they exploint in that port, for the good part i manage to prevent this dns attacked. but its not permanent. may be they discover other exploit in DNS that is but right.
Please OpenWRT Developers add this 3 features by default by doing this all openwrt Users they became inmunte to this attacks if openwrt dev did that, sorry for my bad english.