You’d be amazed at some of the weaknesses in consumer routers. I’ve read some scary articles about it. The problem isn’t that the manufacturers of routers can’t make them rock solid, it’s just that they configure them badly with things like universal plug-and-play enabled, and in some models don’t give you the option to turn off these “convenience” features. It’s kind of like the bad old days when Microsoft kept adding “convenience” features to Windows and Word (printer-sharing, auto-macros, etc), introducing new security holes one after another. It took years to clean up that mess.
If you care about security and you’re geeky enough, you can buy a cheap router and install DD-WRT firmware on it. Doesn’t work with every model of router - you’ve got to visit the DD-WRT web site and look it up in the database. Installing DD-WRT has to be done right, or you can brick your router. Not everyone should attempt this.
dd-wrt.com/site/index
A better option is to buy a router which already has DD-WRT installed. These do exist, though unfortunately they aren’t the cheapest routers. Buffalo Technology has several models like this, which can be bought in Taiwan.
buffalo-technology.com/techn … re/dd-wrt/
Even with DD-WRT installed, you do have to configure its security features. The beauty of it though is that you can configure everything - again, it helps if you know what you’re doing.
Whatever you do, don’t buy a router from the USA. It seems that the NSA has a program in place to intercept routers being shipped and secretly installs “upgrades” which plant back doors into the firmware. This has particularly upset Cisco, a US manufacturer of routers which has recently seen its sales plummet:
arstechnica.com/tech-policy/2014 … g-implant/
infoworld.com/d/the-industry … cts-242534
Finally, be aware that even the best firewall doesn’t make your computer hack-proof. Downloading rogue “free” applications, flash video and Java exploits can still doom your computer. A firewall won’t stop something from infecting your computer if you allow it in.