 cshake
join:2009-05-12 Marcellus, NY
reply to Doctor Olds
Re: SpeedStream 5200 hijacking incoming http connections?
Thanks for the reply! I wasn't aware of the loopback 'feature' of the router. I guess I just searched the forums instead of the FAQ as well.
Upon testing with a proxy, I do actually get the page I'm looking for, so I don't actually need to change it into bridge mode.
I contend, however, that I'm just as secure this way. While the modem has disabled firewall and DMZ enabled, the Netgear router behind it (the only thing connected directly to it) has its firewall turned on, remote access disabled, and only the ports I specify are forwarded into the LAN. I set it up this way originally because the modem only worked when a PC was connected with their software suite that 'registered' the username and password for the account. It kept track of the MAC address of this 'authorized' computer for the account after it had entered the account details, and I was only able to connect the router and have the DSL work when I turned on MAC spoofing to duplicate the PC's network card.
Sorry about not using the Windstream forum, but I figured this was more of a hardware issue than custom firmware.
  Doctor Olds I Need A Remedy For What's Ailing Me. Premium,VIP join:2001-04-19 1970 442 W30 clubs:
I will repeat that you are less secure and I mean in the 5200 itself (open to reconfiguration/take over using CSRF Attacks and other exploits that attack unsecured/insecure Router/Modem configurations) since the 5200 still has a Web Interface with both WAN and LAN side active plus being DMZ'd to the Wireless Netgear Router. The Netgear Router is likely secure and the PCs on the LAN would be taken care of by the Netgear, so that leaves the 5200 that should really be Bridged so you don't have insecure DMZ running and don't have Doubled NAT/NAPT translation being performed on each packet in and out of your LAN. Networks should always be built under the KISS principle.
-- What's the point of owning a supercar if you can't scare yourself stupid from time to time?
  Doctor Olds I Need A Remedy For What's Ailing Me. Premium,VIP join:2001-04-19 1970 442 W30 clubs:
reply to cshake
said by cshake:
"I set it up this way originally because the modem only worked when a PC was connected with their software suite that 'registered' the username and password for the account. It kept track of the MAC address of this 'authorized' computer for the account after it had entered the account details, and I was only able to connect the router and have the DSL work when I turned on MAC spoofing to duplicate the PC's network card."
Don't know what this is about as I've never heard of it since PPPoE does not use MAC IDs for authentication. It uses PPP. Just like a dial-up connection. That sounds like misconfiguration again as I know Windstream doesn't use MAC IDs. That is usually a Cable Broadband issue only since they use DHCP to assign one PC (behind the Cable Modem) the one Public IP that the Account is allowed.
-- What's the point of owning a supercar if you can't scare yourself stupid from time to time?