Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsLAN (ethernet/Wifi/routers/Bluetooth)Any way to enable https on HG659b?
Edwood

218 posts

Master Geek
+1 received by user: 21


#269753 6-Apr-2020 13:25
Send private message

I had a minor panic this morning that may, or may not have been induced by some kind of network intrusion.

 

I've ended up factory resetting my router (HG659b), and maybe it's just my heightened sense of awareness, but it seems very odd that I'm using an unsecured connection to the router itself!??

 

I've searched the forums and the google and come up empty.

 

Is there any way to enable https for access to the HG659b ?

 

 

 

Thx!

 

edit: another idea that may work is using the guest network as the primary, MAC address filtering the main network, and only ever using that one for router admin

 

 

Filter this topic showing only the reply marked as answer Create new topic
cyril7
9073 posts

Uber Geek
+1 received by user: 2499

ID Verified
Trusted
Subscriber

  #2455735 6-Apr-2020 13:38
Send private message

Hi, what is changing the router managment interface to TLS going to achieve, other than stopping someone watching you manage it via a wireless connection, a bit of a long stretch I suspect.

 

Cyril



hio77
'That VDSL Cat'
13036 posts

Uber Geek
+1 received by user: 3896

ID Verified
Trusted
Lizard Networks
Subscriber

  #2455742 6-Apr-2020 13:49
Send private message

i'd have to agree with Cyril with this. i see no reasonable benefit here.

 

Sure SSH over telnet makes sense... but if you think about the logistics of moving from HTTP to HTTPS you have to do the ugly thing of using a self signed cert (impacting your joe blogs end user's ability to use the control panel) or moveto the router using an alternative page (eg router.login, but with a FQDN instead and then regularly update that SSL cert.)




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have. 

Edwood

218 posts

Master Geek
+1 received by user: 21


  #2455807 6-Apr-2020 14:06
Send private message

The perceived benefit is that my router admin and subsequently changed WiFi access password would not be passed around without being encrypted.

 

ie. I did a factory reset based on the notion that my network may have been compromised at the time, and then reset passwords... but without any encryption, anyone sniffing the traffic is just getting my new passwords anyway. :(

 

 

 

I'm not very smart, so maybe I'm missing something obvious here.



RunningMan
9184 posts

Uber Geek
+1 received by user: 4834


  #2455810 6-Apr-2020 14:12
Send private message

The wifi connection should be WPA2 encrypted anyway, so the router password isn't being broadcast in clear text. It would only be something already connected to the network that could see the password over http.

cyril7
9073 posts

Uber Geek
+1 received by user: 2499

ID Verified
Trusted
Subscriber

  #2455814 6-Apr-2020 14:17
Send private message

Hi, so as Runningman says, assuming you were using WPA2 all your traffic over wireless is encrypted by WPA2, even when you are connecting to the HTTP interface via wireless. The only time it would be in the clear is if someone was snooping on a wired connection, and even then many of these types of devices will hash the password when you login, which is not particularly strong but still its a long stretch that someone managed to get your wireless password.

 

Cyril 

hio77
'That VDSL Cat'
13036 posts

Uber Geek
+1 received by user: 3896

ID Verified
Trusted
Lizard Networks
Subscriber

  #2455867 6-Apr-2020 15:01
Send private message

Edwood:

 

I'm not very smart, so maybe I'm missing something obvious here.

 

 

as an end user, you would get something like this:

 

 

 

 

This is alot more alarmist and difficult for your average joe to manage with, than worrying about the 0.00000000000000000000001% chance Traffic being sniffed across the wire.




#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have. 

HP

 
 
 
 

Shop now for HP laptops and other devices (affiliate link).
Edwood

218 posts

Master Geek
+1 received by user: 21


  #2455986 6-Apr-2020 16:14
Send private message

Cool, so with the default encryption (WPA+WPA2), that initial connection is suitably encrypted anyhoo. Mint!

 

I can't even log in to my router (from my main browser) - compounding issues.

 

Thx Ya'll!

 

E

Filter this topic showing only the reply marked as answer Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright