Benefits of upgrading an old 2Wire 1000SW modem/router?
I'm still using the same 2Wire Homeportal 1000SW DSL gateway/modem I bought well over 10 years ago. It's never given me any trouble at all and is still in good working order. I've got AT&T HSI Elite and get an average of 642 KB/sec down and 78.5 KB/sec with it according to the 4 speed tests at speedtest.eastlink.ca/.
It sits in front of a small home network that consists of a pfSense hardware firewall, Netgear GS105E switch, and a couple FreeBSD boxes. It only supports WEP encryption but I disabled that long ago in favor of an Ethernet network and am happy with that.
What I'm wondering is if it isn't time to upgrade due to it being so old. It's still using the last firmware upgrade that was available to it (3.55) when I bought it and hasn't been updated since. I'm not aware of any vulnerabilities associated with it (though I could be mistaken), and it returns a stealth status when subjected to an online scan, but I'm starting to worry if it isn't a weak link in my network and if an upgrade wouldn't be a good idea at this point.
I'd like some feedback on whether or not there would be any benefit to upgrading to a new one or if I'm alright continuing to use what I've got. From the research I've done the supported models AT&T is listing, the Netgear Model 7550 and PACE Model 4111N, don't last anywhere close to as long as my trusty 2Wire has held up.
If I do upgrade it will have to be something I either order from AT&T or pick up locally from Staples, Best Buy, etc.
Edit: After checking it seems there has been a directory traversal vulnerability listed for this and other 2Wire Homeportal gateways since Dec. 2003.
2Wire HomePortal Series Directory Traversal Vulnerability
"It has been reported that the software is allegedly prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory. This issue is reported to exist in the 'wralogin' authentication form that is accessed through the HTTPS (SSL) interface.
Successful exploitation of this vulnerability may allow a remote attacker to gain access to sensitive information that may be used to launch further attacks against a vulnerable system.
All versions of 2Wire HomePortal Series have been reported to be vulnerable to this issue."
The author classifies the exploit as "very hard to reproduce", but it looks like I'll be getting another gateway after all.
Granite City, IL
ever hear the saying "If it isn't broke don't fix it!" Ironically I had one of those 2wire 1000sw routers for a long, long time. They hold their own quite well. plus it comes in really handy as a nid/sni test device as you can go in and use the wep and 802.11b and a smart phone to test your readings at the nid/sni/test jack if needed.
Personally I would leave it for now. I plan on leaving the 5100b in bridge mode on my dsl at the house till it is time to change it.
P.S. also to defeat that exploit you can change the base IP address of the 2wire itself. As long as you don't take the default ones it makes it pretty hard to reproduce and make work. So if you set your default or base IP address to say 188.8.131.52 a hacker would have to know you use 184.108.40.206 as your base. If it's the same one I am thinking of back then. 2wire fixed this problem with the prior models they could still hit with updates back then. This problem won't be present in any of the current offerings from pace.
If you have a topic in the direct forum please reply to it or a post of mine, I get a notification when you do this.
Koetting Ford, Granite City, illinois... YOU'RE FIRED!!
Thanks for the tip about changing the LAN address of the router. I checked it out and it's possible to change it to anything so I'll give that a try.
Believe me, I'd just as soon not have to change to another router if I can manage to secure this one. My 2Wire has never given me so much as a hiccup. It runs cool to the touch and I'm getting good speeds out of it for my DSL package.
Edit: I opted to go ahead and get a Netgear N300 Modem/Router since my 2Wire was only capable of WEP encryption. I still prefer my 2Wire but it's time for a change. If the Netgear gives me 10 years of continuous trouble free service like my 2Wire did I'll consider myself extremely lucky.
Here are todays speedtest results using the Netgear with my AT&T HSI Elite DSL package: