Is BSNL ever going to fix its current latency issue?

  • Thread starter: dvn880
Got call from local NIB.
They said the choking of network is due to ongoing Botnet attacks.
BSNL Babus do not understand basic security. No shit they are experiencing Botnet attacks. I'm amazed at their incompetence. Class 12 computer prodigies can do a better job of securing a network than BSNL babus.
 
BSNL need to implement CG-NAT quickly and stop giving public IPs. Too easy for ONTs/modems to get hacked otherwise.
 
@vishalrao WHAT! CG-NAT is what the developed world is moving away from. Aren't you aware of the cons? There's no customer advantage to CG-NAT.

Who in their right mind wants CG-NAT?
  • It makes it impossible to host services.

Also how in the world will you hack an ONT/Router/Modem if remote access and global ICMP is disabled? Magic?

 
CGNAT has many cons but it protects people who have basic internet usage (like streaming and web browsing) and who don't know how to secure their network.
Ideally by default users should be under CGNAT and if a user requires a public IP, they should be given a public IP.
 


@vignesh_venkatesan Normal people with no knowledge in networking will suffer from CG-NAT for gaming and VoIP purposes and also other cons as mentioned in those links I posted such as port forwarding, P2P performance etc. Who wants to pay extra for public IP?

NAT is not a security tool. Here's a research paper to help you understand better.


Conclusion
The myth that NAT provides any significant security in light of today’s sophisticated attacks needs to be put to rest. From a technical viewpoint, in fact, NAT provides:
  • No security to IPv6 hosts, as NAT is unnecessary for them.
  • No security for stateless NAT hosts.
  • No security for stateful NAT host outbound attacks.
  • Minimal protection for stateful NAT host ingress attacks, since modern attacks assume the presence of a NAT device and readily compromise or circumvent those devices.
  • No tools for responding to security attacks that routinely occur.
 
"There's no customer advantage to CG-NAT."

I'm saying NAT will protect the vast majority of basic users devices from getting hacked and then participating in botnet/DDoS attacks.

Of course, like mentioned in previous post, ISPs can hand out public IP on user request for those users who need it.
 
@vishalrao

"I'm saying NAT will protect the vast majority of basic users devices from getting hacked and then participating in botnet/DDoS attacks."
At the cost of disruption of basic internet functionality for everyone? Turn off ICMP global and remote access, problem solved. NAT will never be able to protect idiotic users who will download and run unknown executables/run outdated firmware and software.

What's up with people saying NAT is a security measure? Experts have been debunking it since its creation. NAT is NOT a security tool.

"Of course, like mentioned in previous post, ISPs can hand out public IP on user request for those users who need it."
Pay for the public IP address when you are already paying expensive bills for large data quota? No thank you.
 
@Dark_Nate there is this concept of "attack surface" in the security domain. Using NAT will vastly reduce this attack surface for most basic users.

I agree NAT is not a security tool and basic users can easily get hacked via other vectors like browser/OS/software they run.
 
@vishalrao

CG-NAT's perceived "protection" is not worth it at the cost of open NAT for everyone else.

There are better ways to protect customers. Like ensuring default logins of the router/modems/ONT are changed during installation. Also disabling ICMP global and remote access is going to give a greater security measure than CG-NAT ever could.

Since you are talking about normal people, this means they use an ISP modem; the ISP modem could come with ICMP global and remote access disabled by default.

If CG-NAT is key to the future of networking security, developed nations would not be talking about getting rid of it and deploying IPv6.

I can give you my public IP address and you will never be able to even establish a connection let alone break through due to simple measures as stated above.
 
Pretty much all devices are Chinese made and come with in-built backdoors/loopholes to get easily exploited even if default logins are changed I bet 😀
 
@vishalrao According to the US DoD and other agencies only Huawei has been confirmed to have backdoors.

Also Project Zero and other independent security researchers study routers for a living. If there are intentional backdoors we would've known by now.
 
