I am considering getting an Asus rt-ax86u router. According to the page at Info depot wiki, this router got FCC approval in February 2020. Should I pass on this, or any router not released in the past one or two years, because a wifi router released nearly five years ago is most likely close to being declared "end-of-life" by its manufacturer, and will no longer receive firmwae updstes?
Only Buy Routers Released In The Past One or Two Years?
- Thread starter kc27
- Start date
bbunge
Part of the Furniture
As a general rule your thinking is correct. With that said, your choice of an AX86U will probably be OK. The recent issue with Asus routers being attacked seems to have been fixed with Asus releasing a firmware version for the AX86U that appears to have magic healing properties.
To save a bit of money I would buy an AX86U. The AX86U Pro would be a better choice, however. I do have one of each!
To save a bit of money I would buy an AX86U. The AX86U Pro would be a better choice, however. I do have one of each!
ColinTaylor
Part of the Furniture
From where? While officially not EOL it hasn't been available to buy from main distributers for about a year now (after the old stock was run down). It was effectively replaced by the RT-AX86U Pro.
You are right, it is confusing: one model number with variations, each with their own release date. Does the model line get retired at once, or incrementally between indivdual versions?
ColinTaylor
Part of the Furniture
There's no rhyme or reason to Asus' naming system or when they're listed as EOL. The RT-AX86U are RT-AX86U Pro essentially two completely different models. Whereas the old RT-AC68U was sold under numerous aliases even though the hardware was the same.
Tech9
Part of the Furniture
RT-AX86U/S are the same generation hardware, then comes RT-AX86U Pro followed by the newest RT-BE86U. They all have different release dates and expected support after. Expectations for support period - 4+ years. At least this is what Asus confirmed in countries with minimum support period requirements. In reality - may be longer since Asus firmware is global, not regional.
P.S. I would buy a cheap used RT-AX86U router. It’s reliable, good performance, popular, most likely will be supported until 2026, runs more mature firmware, Asuswrt-Merlin supported… perhaps the best budget option if under $120 equivalent. I’ve seen some around at this price point.
P.S. I would buy a cheap used RT-AX86U router. It’s reliable, good performance, popular, most likely will be supported until 2026, runs more mature firmware, Asuswrt-Merlin supported… perhaps the best budget option if under $120 equivalent. I’ve seen some around at this price point.
Last edited:
Thanks for this idea. I will look into it. Someone else mentioned to me not to get hung up on future proofing with a router.
Not to mention that you may find yourself helping to debug a beta-quality product. Sure, if that sounds like fun, go for it --- but if you just want reliable wifi, first-generation gear should be looked at warily. Over on the Ubiquiti forums, I've been discouraging noobs from buying any of the UniFi U7-series APs yet, because they're pretty clearly Not Ready For Prime Time. (I have no doubt that they'll get there, but they're not there today.) Asus has committed some similar sins.
You have to look at if the manufacturer is interested into making products they are going to service for a long time vs. products they make to serve a fad.
Some of these devices they made years ago and now coming around to circulate in the market. A really good example of this is 10G Base-T networking since this has been around for almost 20 years.
I gave up on any store bought router to secure a network because 1. I can not check their code to see if they programmed it properly, and 2. they always seem to have security exploits from the internet. Wifi is not secure communications and very exploitable so I wouldn't recommend using one as the network router.
So I take it you've read every line of pfSense, OpenWRT, and the Linux kernel (or whatever else you use)? Your point 1 is utter nonsense for most of us; we don't have the time or abilities to vet all our system infrastructure. To be clear, I prefer open source too, but I don't fool myself that I'm going to discover or fix any vulnerabilities in my router.
"Wifi is very exploitable" seems like FUD as well. For one thing, nobody further away than say 100m is going to be able to break into your WLAN, even if it's totally open. That makes your ISP connection far more dangerous, unless maybe you live across the street from a nest of evil-minded hackers. Sure, it's a good idea to be using strong passwords, getting off of WPA2, etc, but I don't believe that for practical purposes a router that has wifi built-in is any less secure than one without that.
Well the key things I look at is how user input is handled when I inspect code. Its a little harder to use the NSA tools they wrote to reverse read flashed firmware and its not really 100% reliable. The common mistake is lack of user input sanitation and input size buffer checks that can lead to code injection.
Wifi is quite exploitable. There are three main methods to accomplish this. But the most easiest is intercepting the four way handshake to obtain the password like in this video:
The above is the main reason why administrating a network with a wifi device or even allowing a wifi network to access the administration parts of a network is a security risk.
Last edited:
If I'm using something I can patch I patch it. But other things I raise the issue to the developers when I see it. Not everyone's software is perfect. But contributors and user feedback are evolution of fixes and enhancements for open source software.
A lot of these software firewall/routers run the same or similar unix/linux programs so much of them are just web interfaces controlling OS modules that are normally configured by editing a text file.
Tech9
Part of the Furniture
What about the clients? Most network breaches originate from the LAN side. I guess, you make your own.
I deploy Intrusion protection software when I ran just linux with iptables, bind9, ubound, and UFW, but now these days I'm running ipfire that has Suricata 7 built in.
But if I was really worried that someone or something could access and change things on my home network in ipfire, I would set up an interface and point its web GUI exclusively to it and do out of band management.
Tech9
Part of the Furniture
You perhaps know it doesn't see encrypted traffic unless you run SSL proxy and this approach has own issues.
its what they have made. plus there are other things too deployed. To me, I could care less since I'm trying it instead of configuring the Linux modules manually and don't deploy ips in the first place.
Similar threads
Similar threads
Similar threads
-
Have a rt ax86s is it better to buy a rt ax86u or the rt ax86u pro
- Started by Thelastone
- Replies: 3
-
-
-
-
-
-