On 4/24/19 7:24 AM, Tom Beecher wrote: > This is why, in my opinion, people should avoid modem/router combo units > whenever possible. Any information/configuration entered into such a device > could be accessible to the MSO (intentionally or otherwise) , as is > happening here. I'm sure they would come back and say this is necessary to > provide support for customers who pay them for WiFi service, but it clearly > shows they don't turn off that functionality for customers who don't. > > Treat you cable modems as foreign network elements. Cause that's what they > are.
+1. Encountered this with an AT&T install. AT&T provided router/wifi combo. After the installer was done, first thing I did was to turn the combo's wifi off, and hook up the access point the customer has been using for years. Verified that the MAC filtering was still correct during the post-install. Customer is happy. The next step is to build a Protectli firewall to go between the AT&T modem and the access point. Block any chance of AT&T using SNMP to sniff the access point. (Moved the Access Point's IP address for management and gateway, too.)