Secure DOCSIS 3.1 Gateway/Modem?

luckymatt42

Upstanding
May 23, 2018
446
1
360
There have been all sorts of reports of terrible security for home internet modems/gateways...hardcoded passwords and other security flaws.

Xfinity is my only option, and based on their device qvl in the 150mbps/3.1 range, looks like my choice of brands are Arris (SB8200), Motorola (MB8600), and Netgear (CM1000/1100).

Any recommendations as to which is the least insecure? Any other xfinity compatible models to recommend?
 
Consider going separate modem->router->wifi.

a modem by it's self doesn't really have anything that can be broken into.
For router wifi edgerouter+unifi ap is nice.

don't open any service to inbound connections. some of the recent ones were from the admin page being available from outside the NAT which could be logged into with the default or weak pw. wifi security has had weakness in the past few years. so with an ap you can just replace it if it's not getting an update. don't turn on upnp or anything similar in the router that would open ports.
 

luckymatt42

Upstanding
May 23, 2018
446
1
360


Thanks for the reply...it's just going to be for a small apartment, me as the only user, and I'd much prefer to go with an "all in one" type solution just for simplicity sake. I am very knowledgeable about computers in general (see my post history...), but I'm frankly a bit useless on the "networking" side. Also I"m not a security tinfoil hat paranoid...I just want something simple that isn't known to be a wide open security hole. I'm willing to make some simple configuration changes if I need to, but not much more past that.
 

luckymatt42

Upstanding
May 23, 2018
446
1
360


Of course...I'm just looking for a brand/model that when I announce what I got to the Toms forums, I won't get "oh god you didn't get THAT model out of all the choices! That brand/model is the WORST choice you could have made!!!"

If you HAD to choose between the brands/models above, which would YOU pick?

 
Securities issues pops up often, so really need to know what particular issue we're talking about in order to comment. If u have 2 particular boxes in mind, just Google them see what people say.

I run a plain cable modem, and pfsense behind it. I use Pfsense not particularly for its strong/weak security but it's full-featured, and there is a large user community, so lots of helps, any prob, I will hear it quickly.