@irenej I mean you could totally ARP poison the router if you manage to inject crap into its WAN port, or if there's a DNS server in the same network, or a domain controller.. I remember using Cain&Abel to completely take over a Novel Netware server because you could inject kerberos tickets that would validate you as the superadmin, you could even take out the normal admins if you wanted to 😛 this is why IPv6 has extended IPSEC so much, so you could actually secure these things (nobody does tho)