[Solved] Security concern

Hello. I managed to secure my network by installing OpenWRT on all of my routers but it still has some security breaches. Namely, TPLINK TL-PA2010 which transfer lan wired connection through electricity. What do you think about TPLINK TL-PA2010 with regard to its security?

Also would be interested in installing OpenWRT on it if it is possible, because I have one extra to play with.

Since TL-PA2010 is not supported by OpenWrt, there can be no security breach by OpenWrt on this device.

1 Like

I agree with @tmomas:

If this is the security concern, do not use Ethernet-over-powerline solutions for your networking needs. Most powerline solutions effectively work up until the mains down-covering transformer; meaning your network could potentially be accessible at many homes in a city-based neighborhood.

It’s difficult to make wired connection in my big house. The network is not accessible in other phases in my house(I have three) so the concern of others connecting to it isn’t a problem. Also to connect a new one a pair button has to be pressed on either of them. What my main concern is that there may be a virus for it which sends out my data to hackers. I know I may use a vpn at my devices but I have it configured on my main router.

  • Ummmm...if you're concerned that the device is compromised, and there's no 3rd party firmware available for it...Throw it away.
  • If you're just security "paranoid," block their IPs from forwarding to WAN on the OpenWrt; and don't set a DNS and gateway on the devices if possible.

Be more specific, please. I don't understand what you mean?

1 Like

Its rather simple, the device is a homeplug AV device and if you bought it as pairs, should automatically encrypt all traffic via 128-bit AES and have a unique key setup out of the box. If you got it separately, make sure you change the default key/password. So from a pure protocol standard perspective homeplug AV1-3 is secure.

Yet, as you noticed like any other network/router device that has no opensource third party firmware support, you rely on the stock firmware implementation. Which means it probably is derived/based on TPLINKS router line firmware. You now have to decide for yourself how trustworthy TPLINK is in regard to its stock firmware.

PS: If you are really "paranoid" and cant switch to a opensource based homeplug device, there are the https://canary.tools devices, CanaryTokens.org, which setup "honeypots" in your network and have a consumer friendly (red led) report mechanism to detect possible intruders. Could not find there cheaper consumer grade devices anymore so maybe use something like http://docs.opencanary.org/en/latest/ on some old hardware.
Guide: https://medium.com/@csima/how-i-protected-my-home-network-66797536a3cc

1 Like

Thank you for your help guys. I installed Openvpn on my APs so now traffic leaving them is encrypted.

If your problem is solved, please consider marking this topic as [Solved]. (Click the pencil behind the topic...)

This won't help you against viruses send out your data to hackers. ...

1 Like

Hopefully my Macs are protected because I reinstall OS quite often. My only concern is my iPhone losing 15% of battery on standby on jailbreak it was even faster. Considering switching to Blackberry Key2 soon.

than everything is said ...

1 Like

Reinstall of os does not remove every malware... There are some rootkits for (u)efi and probably for other software that retains on a reinstall...

My phone does also use battery on standby depending on how long it is in standby :dizzy_face:

I forgot to mention it loses it in 3 hours