1 |
On Wed, Mar 29, 2017 at 12:47 AM, Mick <michaelkintzios@×××××.com> wrote: |
2 |
> On Tuesday 28 Mar 2017 22:52:25 Jorge Almeida wrote: |
3 |
> |
4 |
|
5 |
> Many ISPs today implement TR-069 (a standard of the DSL forum) to access |
6 |
> customer equipment remotely for service provisioning. They use configuration |
7 |
> servers to implement management access to *their* routers and update |
8 |
> firmware/software, reset the configuration to defaults, or more secure |
9 |
> settings. |
10 |
> |
11 |
> http://www.broadband-forum.org/technical/download/TR-069.pdf |
12 |
> |
13 |
> This also allows them to undertake status and performance monitoring and run |
14 |
> some diagnostics tests to manage their customers' complaints. |
15 |
> |
16 |
> The extent to which all this also allows spying on your connections is |
17 |
> debatable, but if they have access to your DNS resolver, I guess they can |
18 |
> route your queries on the fly, wherever they like. |
19 |
> -- |
20 |
Spying on packets is probably something they'll be able to do if they |
21 |
want to. Infiltrating the home network is what I find spooky. No one |
22 |
seems to talk about it, maybe I'm missing something that is obvious |
23 |
for more knowledgeable people. |
24 |
|
25 |
BTW, I've been using dnscache (from djbdns) for years. I suppose that |
26 |
protects against spoofing? |
27 |
|
28 |
Regards |
29 |
|
30 |
Jorge |