DD-WRT open source firmware removes many firmware vulnerabilities and backdoor access issues that may cause problems in stock firmware. DD-WRT is also updated more frequently than stock firmware, so be sure to always check with the FlashRouter support team to see which DD-WRT build we recommend for the highest level of security for your router at any time.
Aside from avoiding common issues and flaws with stock firmware, DD-WRT give you more control over the firmware settings and allows you to take some extra steps to really lock down your network security. In this article we highlight additional options for WiFi network security and also preventative measures for remote execution attacks.
Wireless MAC Filtering
Navigate to Wireless > MAC Filter

- Set Use Filter to Enable.
- Select either Prevent or Permit
- Choose Prevent to add MAC addresses that you don’t want to join your network.
- Choose Permit to add MAC addresses that you do want to join your network, automatically blocking all others.
- Select Edit MAC Filter List.
- Add the MAC Address of the wireless devices you want to prevent or permit. Be sure to use the xx:xx:xx:xx:xx:xx format. Hint: You can see a list of connected devices MAC Address by clicking Wireless Client MAC List.
- Click Save.
- Replicate the steps above for each wireless band.
- Click Apply Settings.
Disable Remote Access
Navigate to Services > Services

- Set SNMP to Disable – this setting disables Simple Network Management Protocol, which prevents software from polling your network for information about connected devices.
- Set SSHd to Disable – disabling the Secure Shell is a simple way to prevent root access and brute force attacks on your network.
- Set Telnet to Disable – Telnet is a less secure version of SSH to manage your local router network via command line.
- Click Apply Settings.
Navigate to Administration > Management

- Set Web GUI Management to Disable.
- Set SSH Management to Disable.
- Set Telnet Management to Disable.
- Set Allow Any Remote IP to Enable – Even though this setting is set to Enable there is no remote access because Web GUI Management is already set to Disable.
- Click Apply Settings.