Category: Broadband Routers

 D-Link First to Add CAPTCHA to Its Home Routers to Help Prevent Against Attacks

D-Link’s CAPTCHA in action | DigitalMediaPhile (Barb Bowman)

My comments on this feature

A lot of blogs, comment pages / forums, social-network sites and Webmail services use a CAPTCHA as part of verifying what kind of user is signing up or adding comments to the blog or forum. Infact, users who wish to contact me via the blog’s contact form will be using CAPTCHA as part of proving who they are. This method, which typically requires a user to transcribe letters or numbers from a purposefully-distorted machine-generated graphic, has worked for a long time as a way to keep spambots from these sites.

By the way, a CAPTCHA-based verification system is a feature that I would like to see as part of adding comments to a blog post like this one or others on my blog. It would make life a lot easier for blog authors like myself when it comes to sorting out genuine comments from irrelevant comment spam.

This technique has been added as part of a firmware upgrade to most current-issue D-Link routers in response to recent security attacks against this class of equipment. These threats, typically in the form of Trojan Horses, take advantage of home-network equipment that is ran at “out-of-the-box” settings because most home users may not know how to configure the devices properly.

What will typically happen with these routers is that if the user wishes to change configuration or set up / modify an administrator account, they have to transcribe characters from the machine-generated graphic in a similar way to authenticating themselves with a blog or Webmail service on signup.

But this kind of security will not replace common-sense network security practices like setting the SSID of your wireless network away from the default and using a strong password on the device’s administrator account. It will augment these measures and more home-network equipment should be equipped with these features. Other practices that can be implemented for best security could include devices working on “least privilege” all of the time with the option of password and CAPTCHA verification for serious configuration tasks. This is similar to how Windows Vista and Windows 7 operate; and how a properly-setup building alarm system operates. For example, the network status page on a router could be available “without login” but you have to log in to change status.

At least this is one step being made towards a secure home and small-business network.

 D-Link Debuts the DIR-685 All-in-One 802.11n Router / Photo Frame / NAS Server | eHomeUpgrade

My comments about this router

There have been a few features that make this router be different to the typical Wireless-N broadband router. One is the implementation of a colour LCD display that makes you think of the unit being like the typical personal electronics device. This could lead towards the network-Internet “edge” router having a user-interface display with lots if information on board rather than a box with a row of flickering lights.

Another feature that is differentiating this router is the use of the display as an electronic photo frame. This may typically work with pictures held on a hard disk attached to this unit rather than discover pictures existing on the network. This functionality can appeal to the unit being typically placed in the office or den and working as a picture display. Another factor of interest is that if the unit only shows images on the locally-attached hard disk, it can present the pictures over the local network to any DLNA-capable media player.

At least there is a step in the right direction in making the network-Internet “edge” router more special for the home network and could lead to one considering whether to replace the ordinary-old Internet edge.