On Wed, Mar 29, 2017 at 12:47 AM, Mick <michaelkintz...@gmail.com> wrote: > On Tuesday 28 Mar 2017 22:52:25 Jorge Almeida wrote: >
> Many ISPs today implement TR-069 (a standard of the DSL forum) to access > customer equipment remotely for service provisioning. They use configuration > servers to implement management access to *their* routers and update > firmware/software, reset the configuration to defaults, or more secure > settings. > > http://www.broadband-forum.org/technical/download/TR-069.pdf > > This also allows them to undertake status and performance monitoring and run > some diagnostics tests to manage their customers' complaints. > > The extent to which all this also allows spying on your connections is > debatable, but if they have access to your DNS resolver, I guess they can > route your queries on the fly, wherever they like. > -- Spying on packets is probably something they'll be able to do if they want to. Infiltrating the home network is what I find spooky. No one seems to talk about it, maybe I'm missing something that is obvious for more knowledgeable people. BTW, I've been using dnscache (from djbdns) for years. I suppose that protects against spoofing? Regards Jorge