Morning people of the palace
Stuck at the office all alone and nothing to do
1 Like
@SIGSTART brilliant piece of reporting. The level of ignorance some ISPs have with regards to their infrastructure (and it’s not just DNS configuration) is really shocking
3 Likes
but because it is a router aimed at advanced users which is easy to misconfigure of you don’t know what you’re doing.
Was really having a hard time reading this sentence in the article, anyone else.
Also I can bet you my isp also have shady config for their routers.
3 Likes
Same, took me two tries. It’s the “of” in that sentence which should be an “if”. @Sigstart clearly didn’t have @Wyvern to edit his work.
And this what passes for “journalism” these days?! 
2 Likes
The one thing that really grinds my nuts with the whole setup we have with Fiber you cant get access to the Microtik router ( well at least I cant) I am ok with Microtik routers as I prefer using it I have way more control of what going on.
I went as far as setting up a Pfsense firewall between the Internet and my network. As I dont trust people. I just dont like the fact that the ISP can login and see whats going on the network. In this day and age you a youtube video away from gaining access to someones computer
2 Likes
Greetings !
2 Likes
That doesn’t actually solve the issue, although it does help you a bit; I’ll try and explain as simply as I can.
What this doesn’t prevent is someone outside of your network passing a DNS request to your router, which then in turn instead of dropping the packet, forwards it on. Now if you want to be nasty you also push a malformed DNS packet which causes an “amplification” (a DNS request message of some 60 bytes can be configured to elicit a response message of over 4000 bytes to the target server). Now this doesn’t affect you or your router, but what it does once it hits the target DNS server (say Cool Ideas) is overloading it, especially effective if you get 100s or even 1000s of people doing this at the same time.
1 Like
So who is working tomorrow?
1 Like
Nope Im going home now at 12 then work at the second job from 2 till 7
then off tomorrow
2 Likes
Thanks, man. That means a lot.
So true! I’m going to be pursuing a few follow-ups on this. ISPs are going to have to be better about not only updating their clients’ routers, but filtering out attack traffic from their subscribers that might be targeting another network.
Hey! So’s your face! Or something… 
In seriousness, I pity my poor editors sometimes. I file these 1000+ word epics and they don’t always have any more time to edit them than the 300-word articles that have become the staple of online journalism.
Cut them some slack 
.
Yeah, this is an issue for me as well.
With Vox I was able to request access to my router, so long as I signed a document which said that I take responsibility for anything I might break. They warn that if they have to send out a technician to fix something that I broke, they would bill me for it… Which is fair.
3 Likes
yea its fair to have that because if something is broken and its the users fault then its more than fair.
1 Like
So @DarthMol’s thread topic on wallpapers made me go check out Amplitude Studios’ website. They have the weirdest promo video for careers at the studio:
1 Like
It’s really not that hard, but you need to know what you are doing. I personally believe many of the ISPs have the required people or equipment in place to mitigate these attacks
2 Likes
I still need to complete that quest to know what to do and how to stop it.
1 Like
Spent whole morning throwing cement, good times…
1 Like
Quickest way, disable the DNS server on the router and get DHCP on your router to push 8.8.8.8 and 8.8.4.4 (Google DNS servers) to all DHCP clients.
1 Like
cool will have a look. Still need to try get access to my router.
2 Likes
Maybe me sadly
Yello’s …… being bombarded by bacon smell, murderous!
2 Likes
I didn’t realise you’d gone to heaven.
3 Likes