The first router would still be vulnerable, and through it the second router.
On 8 February 2023 16:06:07 UTC, Josh Luthman <j...@imaginenetworksllc.com> wrote: >What's the problem with double NAT? I can't imagine an elderly mom trying >to host Xbox games - which is 95% of the problem with double NAT these days >(the other 5% being Ubiquiti bros having to access their Unifi router from >anywhere). > >Your screenshots didn't come through, I suspect it's stripped via the >mailing list, but there's no model number specified anywhere. > >NANOG really isn't the best place for this, but I don't know where else you >would be able to go besides what you've already done: Yondoo support. > >On Tue, Feb 7, 2023 at 9:17 AM TACACS Macaque via NANOG <nanog@nanog.org> >wrote: > >> Hi, >> >> Long time lurker, first time poster. Sorry in advance if this is the wrong >> forum for something like this. >> >> My mom's ISP (Yondoo) seems to be providing DOCSIS 3.1 CPE (Customer >> Premises Equipment) with a built-in router, without providing the ability >> to change the admin password from "password" on it. >> >> [image: Screenshot 2023-02-03 at 9.49.15 PM.png] >> >> [image: Screenshot 2023-02-03 at 9.51.51 PM.png] >> >> Their customer service rep said that this is not only WAI, but also wanted >> to charge her $50 to have a tech come out and change it. Which is obviously >> less than ideal. >> >> That aside, this seems like a pretty egregious security standard which, >> from my understanding, can have fairly dire security implications... e.g., >> DNS server settings can be pointed at whatever someone wants here. >> >> My mom is elderly and had already fallen victim to a call center scammer a >> couple years ago. They briefly took control over her laptop before she >> called for backup. So I'm just a little concerned that we have no control >> over changing this router's admin password — from “password” — in a pinch, >> without waiting for a truck roll && shelling out $50. >> >> I've sent her a DOCSIS 3.1 modem that doesn't have a router built-in, in >> hopes that they'll let us bring our own. She does have Google Wifi, but we >> can't even put their router into bridge mode. So she would be double NATed >> *and* have no control over changing the admin password on the first >> router. >> >> Anyone have any experience with Yondoo? I've tried reaching out to them on >> multiple fronts, but have yet to hear back from them on this. A tech is >> scheduled to come out tomorrow, so the plan is to beg (bribe?) them to let >> us use our own modem and then take it from there. >> >> Thanks, >> Todd >> -- Sent from my Android device with K-9 Mail. Please excuse my brevity.