I'm still using the same 2Wire Homeportal 1000SW DSL gateway/modem I bought well over 10 years ago. It's never given me any trouble at all and is still in good working order. I've got AT&T HSI Elite and get an average of 642 KB/sec down and 78.5 KB/sec with it according to the 4 speed tests at speedtest.eastlink.ca/.
It sits in front of a small home network that consists of a pfSense hardware firewall, Netgear GS105E switch, and a couple FreeBSD boxes. It only supports WEP encryption but I disabled that long ago in favor of an Ethernet network and am happy with that.
What I'm wondering is if it isn't time to upgrade due to it being so old. It's still using the last firmware upgrade that was available to it (3.55) when I bought it and hasn't been updated since. I'm not aware of any vulnerabilities associated with it (though I could be mistaken), and it returns a stealth status when subjected to an online scan, but I'm starting to worry if it isn't a weak link in my network and if an upgrade wouldn't be a good idea at this point.
I'd like some feedback on whether or not there would be any benefit to upgrading to a new one or if I'm alright continuing to use what I've got. From the research I've done the supported models AT&T is listing, the Netgear Model 7550 and PACE Model 4111N, don't last anywhere close to as long as my trusty 2Wire has held up.
If I do upgrade it will have to be something I either order from AT&T or pick up locally from Staples, Best Buy, etc.
TIA
Edit: After checking it seems there has been a directory traversal vulnerability listed for this and other 2Wire Homeportal gateways since Dec. 2003.
»
www.securityfocus.com/ar ··· 1/3504202Wire HomePortal Series Directory Traversal Vulnerability"It has been reported that the software is allegedly prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory. This issue is reported to exist in the 'wralogin' authentication form that is accessed through the HTTPS (SSL) interface.
Successful exploitation of this vulnerability may allow a remote attacker to gain access to sensitive information that may be used to launch further attacks against a vulnerable system.
All versions of 2Wire HomePortal Series have been reported to be vulnerable to this issue."
»
www.securityfocus.com/bi ··· /discussThe author classifies the exploit as "very hard to reproduce", but it looks like I'll be getting another gateway after all.