[Cryptography] TR-069 & firewalls
RB
aoz.syn at gmail.com
Mon Dec 19 13:06:21 EST 2016
On Mon, Dec 19, 2016 at 10:27 AM, Henry Baker <hbaker1 at pipeline.com> wrote:
> Is there any way to firewall the TR-069 protocol?
>
> My DSL ISP uses TR-069, but their router also allows me to fiddle with the firewall; could I use the firewall to deny TR-069 access?
You can probably block it, but TR-069 is pretty much designed to allow
them to disable that block at will. I handle this by putting the ISP's
backdoored device into bridge mode, then terminate the PPPoE
connection on a router under my full control. More complexity and
power consumption, but at least it keeps the known-compromised device
outside my network.
More information about the cryptography
mailing list