Cybersecurity

8928 readers

111 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

EOL Router Question/ OpenWRT (lemmy.today)

submitted 3 months ago by sic_semper_tyrannis@lemmy.today to c/cybersecurity@sh.itjust.works

9 comments fedilink hide all child comments

Common security practices are to keep a router for as long as it's receiving security patches. Once it's EOL, then replace it.

I have a Gl.iNet router using the latest firmware that just released recently. However, the router is based on OpenWRT and is running v21.02 when the latest OpenWRT official version is 24.10.3. On OpenWRT's website v21.02 is considered EOL.

So should this router be considered EOL? Should the whole company not be worth buying from since everything sold is immediately EOL? I don't understand enough about cyber security to know how significant the jump is from v21.02 to v24.10.3.

PS. I know these routers can be flashed with straight OpenWRT but this is for the sake of my thought experiment.

you are viewing a single comment's thread
view the rest of the comments

[–] vk6flab@lemmy.radio 1 points 3 months ago (1 children)

The point I was trying to make is that End Of Life is in the eye of the beholder. Just because it doesn't get any updates from the manufacturer, doesn't mean that the user has to throw it away.

Similarly, a user can give the device to a second hand store and the next user can use it .. and so on.

As I said, it is not a fixed date or concept.

[–] rezad@lemmy.world 2 points 3 months ago

generally yes. but we are talking about a public network facing device that is usually the first line of defense against wide Net.

that needs to be updated for new threats. those threats are not as extensive as 20 years ago (a lot of stuff are way better) but there are still bugs that appear in router as seen by news about routers hack that sometimes pop up.