Most stable version for wifi

[deursen]

Hi,

What is the best firmware version for maximum speed and stability on wifi?
With the newer 4.374 versions I had problems. When streaming video I had to many disconnects and interrupts. With 5G sometimes the connection to WAN was lost and needed a reboot.

Going through the threads I read that the SDK5 drivers are the best. Is this still the case? How does 4.374.43 compare to 4.270.26b?

This is pure a question for wifi and not for safety since I use ASUS pure as AP for internet and media streaming. I have a B1 version of the router.

 

[CooCooCaChoo]

IMHO, 35-4 SDK5 has the best stability and reliability. Speed wise, it is able to give me my link speed of 57/11.

Before I started to tweak linux's settings, my uptime was 190 days approximately with no drops or disconnections.

 

[Deleted member 22229]

IMHO, 35-4 SDK5 has the best stability and reliability. Speed wise, it is able to give me my link speed of 57/11.

Before I started to tweak linux's settings, my uptime was 190 days approximately with no drops or disconnections.

While its true 35_4 SDK5 is the best firmware for range on the N66 it is full of security holes that one needs to keep in mind if you run this firmware.

 

[KevTech]

While its true 35_4 SDK5 is the best firmware for range on the N66 it is full of security holes that one needs to keep in mind if you run this firmware.

Name them specifically as I have looked in the changelog past this version and do not really see anything serious in terms of security.

Maybe removing the run cmd page but that is a non issue if you only have that tab open.

 

[Deleted member 22229]

Name them specifically as I have looked in the changelog past this version and do not really see anything serious in terms of security.

Maybe removing the run cmd page but that is a non issue if you only have that tab open.

I dont know every security risk involved i know this has been discussed many times in the forums perhaps Merlin would be able to comment on pacific risks but lets face it there have been many security fixes since that build was released one big one was just fixed in Merlins latest build 376.45 OpenSSL

 

[KevTech]

I dont know every security risk involved i know this has been discussed many times in the forums perhaps Merlin would be able to comment on pacific risks but lets face it there have been many security fixes since that build was released one big one was just fixed in Merlins latest build 376.45 OpenSSL

Huh?

No version of openssl that the RT-N66U used was vulnerable to heartbleed if that is what your are trying to say.

 

[Deleted member 22229]

Huh?

No version of openssl that the RT-N66U used was vulnerable to heartbleed if that is what your are trying to say.

Nope it had nothing to do with heart bleed even Merlin suggested people running 374.43 to upgrade because of it. Then John came out with fork version of 374.43 but with the fixes of 376.45

http://forums.smallnetbuilder.com/showthread.php?t=18914

http://forums.smallnetbuilder.com/showpost.php?p=135461&postcount=16

 

[KevTech]

I read the OpenSSL Security Advisory and have no worries.

 

[RMerlin]

Name them specifically as I have looked in the changelog past this version and do not really see anything serious in terms of security.

Maybe removing the run cmd page but that is a non issue if you only have that tab open.

Keep in mind I only list my own changes, not Asus's. Asus fixed a lot of security holes last winter, some of them being remotely exploitable (most notably with AiCloud).

See their changelog for the RT-N66:

http://www.asus.com/Networking/RTN66U/HelpDesk_Download/

Picking just one single release from last February:

ASUS RT-N66U Firmware version 3.0.0.4.374.4422
Security related issues:
1. Fixed lighthttpd vulnerability.
2. Fixed cross-site scripting vulnerability (CWE-79).
3. Fixed the authentication bypass (CWW-592).
4. Added notification to help avoid security risks. 
5. Fixed network place(samba) and FTP vulnerability.

And here's another:

ASUS RT-N66U Firmware version 3.0.0.4.374.5517
Security related issues:
1. Fixed remote command execution vulnerability
2. Fixed cross site scripting vulnerability
3. Fixed parameters buffer overflow vulnerability
4. Fixed XSS(Cross Site Scripting) vulnerability
5. Fixed CSRF(Cross Site Request Forgery) vulnerability
6. Added auto logout function. The timeout time can be configured in - Administration--> System
7. Included patches related to network map. Thanks for Merlin's contribution.
8. Fixed password disclosure in source code when administrator logged in. 
9. Changed OpenSSL Library from 1.0.0.b to 1.0.0.d. Both OpenSSL versions are not vulnerable to heartbleed bug.

Those all happened after the last SDK5 release.

 

[KevTech]

I don't use any of the bloat that comes with the router as I have other programs or secured servers for those.

Everything is disabled except wireless.

 

[RMerlin]

I don't use any of the bloat that comes with the router as I have other programs or secured servers for those.

Everything is disabled except wireless.

A lot of those XSS/CSRF vulns involve the web interface. I'd recommend switching it to https and to a different port to mitigate the risk of XSS attacks.

Nonetheless, this should be mentioned every time someone suggests to another user that he revert back to such an old firmware, as otherwise they might unknowingly opening themselves to a vast array of potential attacks.

 

[Deleted member 22229]

I don't use any of the bloat that comes with the router as I have other programs or secured servers for those.

Everything is disabled except wireless.

If thats the case and you feel comfortable with the older firmwares then go for it. I was just trying to point out some of the issues you might have to deal with.