What to do with retired Linksys WRT54GL?

[Samir]

It's sad that solid gear like that can't find a good home. I mean, it's basically a router version of the wap54gs I use around here for simple itoys access.

 

[NUTW0RX]

B? G? It's time to get rid of legacy and move to AC/5 GHz. I don't buy anything that can't support AC/5 GHz. We only have four devices left on N/2.4 GHz...Wii U and tablet and both are rarely used, a mobile phone that only connects to WiFi for larger system updates and a crappy iphone. And also have two rarely used streaming N/5 GHz devices that don't have wire run to them. Everything else is wired or AC.

 

[sfx2000]

B? G? It's time to get rid of legacy and move to AC/5 GHz. I don't buy anything that can't support AC/5 GHz. We only have four devices left on N/2.4 GHz...Wii U and tablet and both are rarely used, a mobile phone that only connects to WiFi for larger system updates and a crappy iphone. And also have two rarely used streaming N/5 GHz devices that don't have wire run to them. Everything else is wired or AC.

Not everyone is in the same situation as you...

 

[Csection]

It's sad that solid gear like that can't find a good home. I mean, it's basically a router version of the wap54gs I use around here for simple itoys access.

You could always use it as a switch for older g devices or even an AP for those devices!

 

[TheManFromUncle]

Guest network.

 

[NUTW0RX]

Not everyone is in the same situation as you...

G dates back to circa 2003 and you're telling me someone couldn't save one dollar ($1) a year to upgrade to a $15 TEW-731BR or similar product to at least get to N and rid themselves of WEP? Even WPA isn't advisable so we're stuck with WPA2/AES.

I personally would feel guilty giving older, insecure equipment to anyone knowing these home router manufactures typically abandon updates after 2-3 years.

https://www.ftc.gov/news-events/pre...rges-insecure-home-routers-cloud-services-put

 

[sfx2000]

I personally would feel guilty giving older, insecure equipment to anyone knowing these home router manufactures typically abandon updates after 2-3 years.

Linksys is still updating the firmware for the WRT54GL...

http://www.linksys.com/us/support-article?articleNum=148652

Linksys

Product:                WRT54GL
Hardware Version:       1.0 & 1.1
Classification:         Firmware Release History
Release Date:           Jan 22, 2016

Last Firmware Version:  4.30.18 (build 6)

 

[NUTW0RX]

Linksys is still updating the firmware for the WRT54GL...

http://www.linksys.com/us/support-article?articleNum=148652

Linksys

Product:                WRT54GL
Hardware Version:       1.0 & 1.1
Classification:         Firmware Release History
Release Date:           Jan 22, 2016

Last Firmware Version:  4.30.18 (build 6)

Yup, over a year since an update. It's a niche, tinkerer device with a certain type of crowd keeping it alive...enough on that.

 

[Samir]

Who is really going to be hunting down a wrt54g as an attack target? Like there's going to be any money behind that old thing? It's the new shiny, super-fast stuff that will have some goodies behind it.

Anyone running windows 95 hasn't seen exploits in decades and you can run naked to the Internet.

It's not about 'newer and fresher is better' but whether a particular device gets a job done. I still laugh at 100Mbit serial to ethernet adapters--why do you need 100Mbit when serial topped out a 512kbits/sec. That's not even a fraction of 10Mbit Ethernet. And a wrt54g would work perfectly well for transmission of this type of data.

 

[sfx2000]

Yup, over a year since an update. It's a niche, tinkerer device with a certain type of crowd keeping it alive...enough on that.

I'm not certain what your problem is here...

OP was looking for some value here - and you're not contributing any.

 

[pege63]

Lock this down now

 

[RMerlin]

Not if it's in the DMZ in gateway mode - since it's NAT'ed (NAT is a firewall) and no ports opened, it's perfectly safe

Incorrect. NAT will firewall inbound connections into the WRT54G, but not the outbound ones. So, WRT54G gets direct access to the primary gateway, which it can try to compromise, and gain control of. Once primary gateway is compromised, the whole LAN segment connected to the primary gateway becomes compromised.

NAT is only an inbound firewall, not outbound. I've used such double NAT setup in the past for specific configuration needs (where people behind the second router had to be isolated from people between both routers, yet still have full access to a printer located between the two routers).

 

[Samir]

Incorrect. NAT will firewall inbound connections into the WRT54G, but not the outbound ones. So, WRT54G gets direct access to the primary gateway, which it can try to compromise, and gain control of. Once primary gateway is compromised, the whole LAN segment connected to the primary gateway becomes compromised.

NAT is only an inbound firewall, not outbound. I've used such double NAT setup in the past for specific configuration needs (where people behind the second router had to be isolated from people between both routers, yet still have full access to a printer located between the two routers).

No router is completely 'safe'. If someone wants to break in, they will. The question is who is going to really care about a wrt54 in this day and age?

 

[RMerlin]

No router is completely 'safe'. If someone wants to break in, they will. The question is who is going to really care about a wrt54 in this day and age?

Hackers are going to jump like flies over honey at the sight of a WEP AP broadcasting in the open. That's the real worrying part.

 

[RMerlin]

Yup, over a year since an update. It's a niche, tinkerer device with a certain type of crowd keeping it alive...enough on that.

Tomato is a very solid firmware to use on a WRT54GL, if one wants to keep using it as a basic AP for legacy devices, or as a network switch.

It could also be used as a basic firewall to isolate a portion of a network.

 

[sfx2000]

Worst case with WEP, build a static route on the primary GW, and this protects the LAN side....

 

[sfx2000]

I suggested WEP, but obviously there are the risks, the WRT54G/GL do support WPA1/WPA2, and that's the preferred way to configure things.

Anyways - with either factory or 3rd party (Tomato supports this very nicely), one can put the IoT and other "less trustworthy" and legacy devices over there, keeping the primary Router/AP/Gateway for the N and above clients (outside of IoT)

 

[Samir]

Hackers are going to jump like flies over honey at the sight of a WEP AP broadcasting in the open. That's the real worrying part.

Hackers should also jump all over open ssids that are locked down with mac restrictions only, but I never see such things. It all depends on where you're deploying the ap as well.

 

[System Error Message]

get an SMD kit and recycle the components. You could make your own NIC that would take the load from the CPU or make other things.
You could sell them cheaply to be used as what made the router popular was its reliability. Routers like mikrotik routerboards even ones that are years old are still useful and end up being in use till their CPUs arent fast enough.
You could use them as mini servers. Installing openwrt on them and making them into mini linux servers that each perform some tasks on your network. With 3 devices you could make your own independent NTP service.

The best thing to do with old computer hardware is simply to recycle/reuse. you can use it yourself, sell/give to others, or recycle the components from it to use in other things. Even the plug for the router itself is a PSU that can go into powering your electronics projects if you do electronics for fun or serious. The antennas can be used in your own wifi projects too or as an antenna for something else. Onboard components can be removed with an SMD kit and reused for something else, so many useful components and the chips as well for when you want to do more advance things. Even those old square LCD panels are still useful too, not for your everyday display but you can connect them up to equipment for display such as a digital microscope or even a camera or simply to form a display for your private tracking system to track people around the world.

 

[sfx2000]

Hackers are going to jump like flies over honey at the sight of a WEP AP broadcasting in the open. That's the real worrying part.

They might... in most residential locations, probably not, and even then, they would be looking for WAN access first...

The threat, while valid, is overblown, imho... in any event, put it into WPA1/TKIP, and the problem goes away, most G class client adapters can do this, and many B class can - there are a few devices out there that are still WEP only, but they're pretty rare these days - the one that comes to mind is the first gen Nintendo DS and DSLite, along with a some DS carts that are supported by DSi/3DS...

Now that the Wii/DS network game servers are shutdown (back in 2014) - it's probably moot - but the Nintendo DS use case is the best one I can find for setting up a dedicated WEP AP just for them,,,