1 edit | reply to Mele20
Re: In the Wild: Zlob Changing Router Settings to Hijack DNS I don't consider the necessity to use MAC address cloning to be a feature that makes an ISP superior. It is essentially breaking the way things were designed to work, with no two pieces of hardware having the same MAC address. I like to tinker with different security solutions, and frequently have different NAT routers, or home built firewalls on different OS's as the first thing the ISP sees. I don't want to be cloning MAC addresses all over the place, that would eventually lead to communication problems within my LAN.
I don't have RR any more, but when I did, MAC address cloning was not required. It took a few minutes for a new MAC address to be recognized and accepted, but eventually it was given a DHCP address.
News about exploits designed to attack NAT routers automatically from within your LAN is becoming more and more frequent. A good defense is a rule on your software firewalls that prevents outgoing traffic from the machines within your LAN to your router. Disable the rule temporarily to administer your router.
For home users, that are able to shut down internet access for a few minutes, it is a good idea to disconnect your WAN port when making modifications to your router configuration. Most NAT routers are more susceptible to shenanigans when rebooting. I would even recommend disconnecting LAN ports other than the one you are administering the router from when you make configuration changes.
Router exploits are very high risk. Without monitoring on your WAN port, which is very difficult to maintain due to the large number of log entries you get, how would you know if your router was compromised?
Edit: spelling |
