| 1 |
On Wed, Mar 29, 2017 at 12:47 AM, Mick <michaelkintzios@×××××.com> wrote: |
| 2 |
> On Tuesday 28 Mar 2017 22:52:25 Jorge Almeida wrote: |
| 3 |
> |
| 4 |
|
| 5 |
> Many ISPs today implement TR-069 (a standard of the DSL forum) to access |
| 6 |
> customer equipment remotely for service provisioning. They use configuration |
| 7 |
> servers to implement management access to *their* routers and update |
| 8 |
> firmware/software, reset the configuration to defaults, or more secure |
| 9 |
> settings. |
| 10 |
> |
| 11 |
> http://www.broadband-forum.org/technical/download/TR-069.pdf |
| 12 |
> |
| 13 |
> This also allows them to undertake status and performance monitoring and run |
| 14 |
> some diagnostics tests to manage their customers' complaints. |
| 15 |
> |
| 16 |
> The extent to which all this also allows spying on your connections is |
| 17 |
> debatable, but if they have access to your DNS resolver, I guess they can |
| 18 |
> route your queries on the fly, wherever they like. |
| 19 |
> -- |
| 20 |
Spying on packets is probably something they'll be able to do if they |
| 21 |
want to. Infiltrating the home network is what I find spooky. No one |
| 22 |
seems to talk about it, maybe I'm missing something that is obvious |
| 23 |
for more knowledgeable people. |
| 24 |
|
| 25 |
BTW, I've been using dnscache (from djbdns) for years. I suppose that |
| 26 |
protects against spoofing? |
| 27 |
|
| 28 |
Regards |
| 29 |
|
| 30 |
Jorge |
Archives