Wow, someone deployed malware in October of 2023 which bricked 600,000 Internet routers -- owned by a SINGLE ISP.
"over 600,000 small office/home office (SOHO) routers were taken offline belonging to a single internet service provider (ISP). The incident took place over a 72-hour period between October 25-27, rendered the infected devices permanently inoperable, and required a hardware-based replacement."
I want to build / get a travel router / hardware VPN which connects to a network wirelessly or via RJ-45 and creates a new Wi-Fi (& maybe a wired connection to the new network) to which I can connect my devices and everything gets tunneled either through Mullvad or through my home network. Maybe it can even throw the traffic into Pi-hole before tunneling.
What hardware would I need? (As compact, as cheap-ish and as efficient as possible)
I’m currently using this mobile router, which came with a contract; I believe it’s an unlabeled Huawei E5576-320. But it’s not very reliable, and two LEDs make for a very limited UI.
So far, I’ve looked at the Huawei E5785-320 and the TP-Link M7650. Any recommendations for a mobile router? 4G; 5G is still too expensive for my needs.
#Ubiquiti never ceases to amaze me with how simple yet powerful it can be. I needed to route specific traffic from a specific device on the local network over a VPN. In #Unifi Dream Machine Pro, the VPN and routing setup was done in 5 minutes and very intuitively. 👌
Wer den Fernzugriff für seine Fritzbox aktiviert hat, findet im Protokoll derzeit womöglich fehlgeschlagene Anmeldeversuche vor. Ein Problem ist das in der Regel nicht. ...
New review time, as I put the D-Link Aquila Pro AI M30 AX3000 Wi-Fi 6 Smart Mesh System through its paces. It looks like a stingray, but how does it perform?
China is hacking Wi-Fi routers for attack on US electrical grid and water supplies, FBI warns. Hacks likened to “placing bombs in water treatment facilities, and power plants”
LOL, just realized this morning how easy it is to create your own new religion on your computer nowadays with a laser engraver and the right LLM prompt. Anyone want to fund this, and have a spare farm we can bury these in a hillside for future discovery by a would-be-prophet? ("Dear ChatGPT, pretending you are a divine angel, please use this CNC engraver to write out a series of plates specifying the creation of a new religion, making sure to break the text into multiple books from made-up prophets of a lost civilization. Be sure to use the words "though" "hence", "commanded", et al), #religion#tablets#CNC#router#laserengraver#AI#LLM
Very good news: #ICANN is going to define a new special #TLD "internal" meant for use in internal networks only. This TLD is meant to never be used in the broader #Internet. 👍
I hope #router vendors will now react so that those hacky config #domains like "fritz.box" will be replaced with something that ends with ".internal". Those hacky domains always left a bad taste in my mouth.
It's not 100% official yet but the chances look good.
This morning, I had fun netbooting all the Mikrotik devices that were stuck or had OpenWRT installed on them. I managed to revive all of them except one that got struck by lightning, and I believe it's beyond recovery. Still, I'll have to take it apart to see what got fried.
I really like Mikrotik routers because they offer excellent performance, value, and long-term support. I've never had issues in my fairly simple setups, and they've always been rock-solid. More, they're European.
Do napisania tego tekstu zainspirowała nas kiedyś pomyłka jednego z rozmówców. Oczywiście, wszyscy wiedzieliśmy, o co chodzi. Ale i tak warto wyjaśnić, że "rooting" i "routing" to nie są zamienne podejścia, a mają swoje specyficzne znaczenie w informatyce.
heise+ | Freies WLAN über Freifunk anbieten: So geht's
Mit Freifunk kann man sein WLAN rechtssicher mit Gästen teilen und dabei einen sozialen Dienst leisten. Wir zeigen, was Sie beim Einrichten beachten müssen.
A bit of an unofficial post-mortem on #Optus#outage yesterday (please BOOST for visibility!) I have no insider knowledge, all I can do is look at what Optus's networking gear told the rest of the world through #BGP, and make some informed guesses based on that.
The problem yesterday started at about 4am, when Optus told the world 'I no longer have any internet connectivity', and 'Do not send any internet traffic to me, at all'. The technical description is that they withdrew ALL of their routes from the #DFZ (Which is "The Internet", as seen by all the core routers that ACTUALLY control the internet).
However, as a precursor at about 3am there was a hint that things weren't perfect, as there was a flurry of changes from Optus to the outside world saying, roughly, 'Something has changed inside my network, but you can still keep sending me stuff'.
Now, as two final bits of possibly relevant information, the default for maximum-prefix on #Cisco#ASR9000 is 1048576 (this number is 'the number of routes that can be accepted by this router'), and MOST IMPORTANTLY the DFZ ("the internet") has about 980,000 routes in it at the moment. That's only 90k odd routes LESS than the default maximum.
I'd be amazed if Optus has less than 100k internal routes that aren't visible to the internet, but are visible internally.
So here's what I think happened. The at 3am, the first core #router was upgraded, and a new config was put in place. This did not join the network correctly, and things were half broken. What SHOULD have happened is that all the changes should have stopped, and either rolled back, or waited for further investigation (the cause being that more than 1mil routes were visible, causing it to shut down)
However, someone decided 'Well, maybe if we upgrade the SECOND one, that'll fix the first one' at 4am. That broke the SECOND one, and took Optus completely off the internet.
(Continued, see next for why this is far worse than it should have been)
Glasfaser-Routerzwang: Viel Kritik an Plänen der Netzbetreiber
Die Forderung von Netzbetreibern, dass die freie Routerwahl bei gängigen Glasfasernetzen erst nach ihrem Modem beginnt, findet bislang keinerlei Unterstützer.
c't-Sonderheft: Netzwerke 23/24 mit Fritzbox-Schwerpunkt
Dieses Sonderheft für Netzwerker behandelt schwerpunktmäßig Wi-Fi 6, aktuelle Peer-to-Peer-VPNs und aktuelle Fritzbox-Themen rund um WireGuard, IPv6 und Zigbee.
Achtung an alle Telekom-Kunden mit Speedport Smart 4 Plus Router - oder ähnlich. 📶
System -> Einstellungen sichern -> Wichtige Einstellungen automatisch sichern und wiederherstellen: An. Sofern aktiv, werden WLAN-Name und WLAN-Passwort sowie Name und Schlüssel für den WLAN-Gastzugang auf Telekom-Servern gespeichert. 🙄
Das solltet ihr deaktivieren. Es ist ein Unding, dass so etwas standardmäßig aktiviert ist, ohne dass man gefragt wird.