We looked at four routers for this review, two from D-Link, and one each from NetGear, and Linksys:
The overarching goal of our testing was less about performance than about security features and the ease of implementing them. For our testing, we first configured the routers to expose a game server to the rest of the world. We then port-scanned the router looking for open ports, which could be exploited by ill-intentioned crackers.
We configured each router as a DHCP server for internal clients, with a static IP WAN address hooked up to our labs T1 line.
We then began our testing by using a well-established game, Unreal Tournament (UT), with all the latest patches (version 4.36) and UT Bonus Packs (one through four). We ran a standard deathmatch server on a machine that was behind each routers firewall with the Advertise Server flag enabled.
We ran first with the routers default settings and checked to see if the server was visible via the Internet from a client machine on a different network segment. If the machine wasnt visible, we tried connecting directly to it using the "Open Location" command in UT. If this was unsuccessful, which in most cases it was, we then resorted to either putting the server in the routers DMZ (more on that in a bit), and then tried using whatever Port Forwarding features were available to us. We also evaluated Port Triggering if it was available.
Once we had the server visible on UTs master server list, we then used the same client machine and ran the Win32 version of nMap
, an open-source freely available port-scanning utility, and scanned the range of port addresses that UT uses to see if these ports were open.
And finally, we looked at the visibility of Windows shares when running a box in the DMZ versus using port-forwarding.
Now lets look at each individual router to see how it performed.