Just got openwrt installed few minutes ago, are there any settings i should change or is the stock configuration already made to suit most users?
What about the firewall, wireless & ethernet security, defense against ISP attacks, detecting suspicious traffic from hardware backdoors such as intel ME / AMD PSP?
The fw defaults are fine, stay with them.
As for the wifi security, it's entirely up to you.
1 Like
Stock config is certainly ok - when you want additional security you can look into
- perform local vulnerability scan with Nessus Essentials https://www.tenable.com/downloads/nessus
- perform remote portscan with https://dnschecker.org/port-scanner.php
- block malicious hosts with https://github.com/openwrt/packages/blob/master/net/banip/files/README.md
- enforce Network isolation with vlan https://openwrt.org/docs/guide-user/network/vlan/start
- encrypt DNS traffic https://openwrt.org/docs/guide-user/services/dns/dnscrypt_dnsmasq_dnscrypt-proxy2
5 Likes
Thank you i will look into this!
Another question, whats going on with the flickering router lights? Why do they flicker is it good/bad/normal?
On the ISP modem i actually put tape on the lights because it was so annoiyng.
The 2.4G wireless led keeps flickering crazy but no devices are connected to it, the power on led is constantly lit up but not flickering.
you can configure the LEDs on Openwrt.
Indeed, look in System > LED Configuration
On a sidenote: OpenWrt's LED options are nice to experiment with and very extensive.
See https://openwrt.org/docs/guide-user/base-system/led_configuration
and also check System > Software, search for leds for even more possibilities.
1 Like
Thank you!
Today i wiped my mobile phone clean, flashed the latest lineageos21 based on android14 on it, went through the settings, installed a few apps, and finally attempted to connect to the internet.
My phone shows "error no internet" or "checking for internet access..."
This is, after i entered to correct wifi password.
Do i have to change settings in openwrt?
I actually wiped two mobile phones and both have the same issue.
Edit: huh solved it by editing connection details.
IP 192.168.1.128
Gateway 129.168.1.1
Prefix 24
DNS 9.9.9.9
DNS 149.112.112.112
Prior i had the ip set to 192.168.0.88, does openwrt reserve these ports for anything?
At the time i had only one other device (desktop) connected to the router, was it using the ip alreay?
I would highly recommend you do not assign IP addresses on your LAN/WLAN clients and if you need them to have unchangeable IPs, make use of the "Static Leases" feature (Network->DHCP and DNS->Static Leases).
Same with the DNS resolvers, if you want all your LAN/WLAN clients to use specific resolvers, you can assign them with DHCP option 6, or just use those resolvers with OpenWrt router and let your LAN/WLAN clients use your router for name resolution (which is a default).
So assigning ip's can cause issues? You guessed it i don't know what i'm doing but atleast i can now access the internet..
I don't want the devices to have static ip adresses, using a vpn anyways.
How exactly do i set a specific dns resolver with openwrt? i would do that for ethernet and wifi devices, or is it a per-device config? Let me check that option 6
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.