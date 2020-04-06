Geekzone: technology news, blogs, forums
Any way to enable https on HG659b?


#269753 6-Apr-2020 13:25
I had a minor panic this morning that may, or may not have been induced by some kind of network intrusion.

 

I've ended up factory resetting my router (HG659b), and maybe it's just my heightened sense of awareness, but it seems very odd that I'm using an unsecured connection to the router itself!??

 

I've searched the forums and the google and come up empty.

 

Is there any way to enable https for access to the HG659b ?

 

 

 

Thx!

 

edit: another idea that may work is using the guest network as the primary, MAC address filtering the main network, and only ever using that one for router admin

 

 

  #2455735 6-Apr-2020 13:38
Hi, what is changing the router managment interface to TLS going to achieve, other than stopping someone watching you manage it via a wireless connection, a bit of a long stretch I suspect.

 

Cyril

'That VDSL Cat'
  #2455742 6-Apr-2020 13:49
i'd have to agree with Cyril with this. i see no reasonable benefit here.

 

Sure SSH over telnet makes sense... but if you think about the logistics of moving from HTTP to HTTPS you have to do the ugly thing of using a self signed cert (impacting your joe blogs end user's ability to use the control panel) or moveto the router using an alternative page (eg router.login, but with a FQDN instead and then regularly update that SSL cert.)




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 

 
 
 
 




  #2455807 6-Apr-2020 14:06
The perceived benefit is that my router admin and subsequently changed WiFi access password would not be passed around without being encrypted.

 

ie. I did a factory reset based on the notion that my network may have been compromised at the time, and then reset passwords... but without any encryption, anyone sniffing the traffic is just getting my new passwords anyway. :(

 

 

 

I'm not very smart, so maybe I'm missing something obvious here.

  #2455810 6-Apr-2020 14:12
The wifi connection should be WPA2 encrypted anyway, so the router password isn't being broadcast in clear text. It would only be something already connected to the network that could see the password over http.

  #2455814 6-Apr-2020 14:17
Hi, so as Runningman says, assuming you were using WPA2 all your traffic over wireless is encrypted by WPA2, even when you are connecting to the HTTP interface via wireless. The only time it would be in the clear is if someone was snooping on a wired connection, and even then many of these types of devices will hash the password when you login, which is not particularly strong but still its a long stretch that someone managed to get your wireless password.

 

Cyril 

