Thibor11 WRT54GS- works great, what can I add to it

Discussion in 'HyperWRT Firmware' started by railz68, Jan 1, 2006.

  1. railz68

    railz68 Network Guru Member

    I opened my wrt54gs v1.0 on Xmas day. Right out of the box, I put Thibor11 on it. Worked perfect right right away, connected my Kids new PC via wireless, also works fine.

    What features can I take advantage of now ?.
    I've been doing some reading on "iptables". How do I create more rules and add to this firmware, can you use FWBuilder ?. If not, what do you use.

    Just today I see a new worm is out for MSN, I don't use it, but my kids do on WinXP (I run ubuntu linux).

    Is there some way I can block this via the router ?.

    Is there a link anyone can provide that I can read/learn how to use this router/fimware 's features best.
  2. railz68

    railz68 Network Guru Member

    37 views, no response. Maybe I didn't ask correctly.

    How are HyperWRT users adding "NEW" firewall rules ?. Perhaps the rules that come with it are fine, leave them be ?.

    If/When new worms are found that effect WinXP, can they be blocked with rules with this firmware ?.

    I have done a great amount of reading and searching here, I only ask because I don't know.
  3. NateHoy

    NateHoy Network Guru Member

    You are confusing the purpose of a firewall and a virus scanner.

    A SPI firewall has one and only one basic rule - and that is the following:

    "Remote servers may ONLY speak to a local machine if the local machine has asked for that connection, or if a port is forwarded to allow that connection."

    If your computer asks for a virus, or a worm, or a trojan, or porn, the SPI firewall will dutifully allow that information through, because you asked for it. If your computer is compromised by a worm that sends your social security numbers, bank passwords, and underwear size to hackers-r-us, your firewall will "trust" that your computer knows what it is doing and send the information along as requested.

    The ONLY thing an SPI firewall can really do (and this is a Big Thing(tm)) is keep hackers who roam the Internet in search of open networks from roaming onto one of your local machines. That's because an "unsolicited packet" reaches the router, who says "screw you, pal. No one asked for this information!" and throws it away.
  4. railz68

    railz68 Network Guru Member

    thank you for ur reply, I am new at this.

    I've been reading a fair amount on Hyper and DD-wrt, and I've made notes along the way. I may have them mixed up, and confused alittle on what can do what.

    I copied this from a post somewhere on this forum -

    # Blocking Blaster\Sasser
    iptables -A INPUT -p tcp -i eth0 -s 0/0 --dport 135 -j DROP
    iptables -A INPUT -p udp -i eth0 -s 0/0 --dport 135 -j DROP
    iptables -A INPUT -p tcp -i eth0 -s 0/0 --dport 139 -j DROP
    iptables -A INPUT -p udp -i eth0 -s 0/0 --dport 139 -j DROP
    iptables -A INPUT -p tcp -i eth0 -s 0/0 --dport 445 -j DROP
    iptables -A INPUT -p udp -i eth0 -s 0/0 --dport 445 -j DROP
    When I saw this, I thought more could be created to block new worms. I was interesting on how this was created, and put to use. I thought more like this could be made.
    After reading your post, I understand a little better.

    There is a "edit firewall script" on Admin page, so how might I learn what can/could be used with it.

    edit: added
    I should mention, I've been using linux (mandrake morphix, ubuntu) the past 2-3 years. To be perfectly honest, I've used no firewall / antivirus software. Not claiming I don't need it, I just haven't.
    Now my Kids are on WinXP with this router wireless, just doing my homework here. I'm very behind on spyware / virus / trojans.....

    I don't expect it to make eggs and bacon, but whatever it can do, I'd like to learn it.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice