Any way to enable https on HG659b?

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › Any way to enable https on HG659b?

Edwood

218 posts

Master Geek

#269753 6-Apr-2020 13:25

I had a minor panic this morning that may, or may not have been induced by some kind of network intrusion.

I've ended up factory resetting my router (HG659b), and maybe it's just my heightened sense of awareness, but it seems very odd that I'm using an unsecured connection to the router itself!??

I've searched the forums and the google and come up empty.

Is there any way to enable https for access to the HG659b ?

Thx!

edit: another idea that may work is using the guest network as the primary, MAC address filtering the main network, and only ever using that one for router admin

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#2455735 6-Apr-2020 13:38

Hi, what is changing the router managment interface to TLS going to achieve, other than stopping someone watching you manage it via a wireless connection, a bit of a long stretch I suspect.

Cyril

hio77

12999 posts

Uber Geek

ID Verified

Trusted

Lizard Networks

#2455742 6-Apr-2020 13:49

i'd have to agree with Cyril with this. i see no reasonable benefit here.

Sure SSH over telnet makes sense... but if you think about the logistics of moving from HTTP to HTTPS you have to do the ugly thing of using a self signed cert (impacting your joe blogs end user's ability to use the control panel) or moveto the router using an alternative page (eg router.login, but with a FQDN instead and then regularly update that SSL cert.)

#include <std_disclaimer>

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

Edwood

218 posts

Master Geek

#2455807 6-Apr-2020 14:06

The perceived benefit is that my router admin and subsequently changed WiFi access password would not be passed around without being encrypted.

ie. I did a factory reset based on the notion that my network may have been compromised at the time, and then reset passwords... but without any encryption, anyone sniffing the traffic is just getting my new passwords anyway. :(

I'm not very smart, so maybe I'm missing something obvious here.

RunningMan

8953 posts

Uber Geek

#2455810 6-Apr-2020 14:12

The wifi connection should be WPA2 encrypted anyway, so the router password isn't being broadcast in clear text. It would only be something already connected to the network that could see the password over http.

cyril7

9058 posts

Uber Geek

ID Verified

Trusted

Subscriber

#2455814 6-Apr-2020 14:17

Hi, so as Runningman says, assuming you were using WPA2 all your traffic over wireless is encrypted by WPA2, even when you are connecting to the HTTP interface via wireless. The only time it would be in the clear is if someone was snooping on a wired connection, and even then many of these types of devices will hash the password when you login, which is not particularly strong but still its a long stretch that someone managed to get your wireless password.

Cyril

hio77

12999 posts

Uber Geek

ID Verified

Trusted

Lizard Networks

#2455867 6-Apr-2020 15:01

Edwood:

I'm not very smart, so maybe I'm missing something obvious here.

as an end user, you would get something like this:

This is alot more alarmist and difficult for your average joe to manage with, than worrying about the 0.00000000000000000000001% chance Traffic being sniffed across the wire.

#include <std_disclaimer>

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

Edwood

218 posts

Master Geek

#2455986 6-Apr-2020 16:14

Cool, so with the default encryption (WPA+WPA2), that initial connection is suitably encrypted anyhoo. Mint!

I can't even log in to my router (from my main browser) - compounding issues.

Thx Ya'll!