| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 Feb 2008 19:02:53 -0500 (EST) From: Jay Sulzberger <jays@...ix.com> To: full-disclosure@...ts.grok.org.uk Subject: [ NNSquad ] Verizon's access via their provided Actiontec MoCa router (fwd) ---------- Forwarded message ---------- Date: Fri, 08 Feb 2008 16:04:00 -0500 From: Andrew C Burnette <acb@....net> To: "nnsquad@...quad.org" <nnsquad@...quad.org> Subject: [ NNSquad ] Verizon's access via their provided Actiontec MoCa router Hey folks, In discussion with Lauren (off list) I recalled the following info that might be of interest to any FIOS users who actually want their home network to be a bit more secure. During a recent UPS battery swapout, I got stuck with a verizon 'dead' DHCP lease (it would not lease me an IP address). VZ Tech support was able to access and verify the configuration, code rev, and connectivity on the Actiontec router, despite there being no visible external IP address (according to my web view on the box) on the router. To me, that equals no security if they (unknown they...) can access my LAN or router without even their router logs showing such external access. Not good. Anyway, in bridge mode, I run a software firewall behind it, which does the actual DHCP request and is my external visible IP to the world. You can still do all the normal stuff, using the Actiontec as a MoCa to Ethernet interface (NIM). Best regards, Andy Burnette _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists