New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Home isps
A few days I had some problems with my internet provider a big name player, the lady from tech support could control my ont router remotely and even see which connected devices and where traffic goes and comes isn't this scarry? So for sure my internet provider keeps logs as she was looking at my previous navigation logs to see where the congestion of my line is and she even said she gonna keep looking at logs to see if the problem persists before she is sending an technical team at home. Would this freak you out? Should I keep the vpn on now 24/7? Should I don't use the vpn function directly form my router? Are smaller isps safer due less automizations?
Comments
Quick, start surfing porn sites.
Weird flex but ok
Use your own router (instead of renting one from the ISP) and they no longer have a backdoor into your network. One of the main reasons I replaced my Verizon router with my own hardware. They'll still see your traffic (unless using a VPN), but at least they won't be able to see connected devices and all that jazz.
BTW is this in reference to Verizon? Sounds like that's what you're describing.
Most isps have access to their CPE for troubleshooting upgrading etc, I never use them.
I mean for example Comcast - they flash their own firmware on your modem, even if you bought your own, so it still gives them access (had an issue recently, and they logged in my own Linksys modem to troubleshoot like a boss).
So my honest suggestion is to get a VPN router (or make your own), and run all your traffic via that router. They (your ISP) will be able to see that there is traffic, but since the VPN router creates an encrypted tunnel to the VPN servers, and 0.0.0.0/0 is router via that tunnel - the ISP will have no clue what actually goes through it.
Also router-wise - look for a WireGuard VPN router and service. Its where its at - high speed, low latency.
Wouldn't my ipsec running on my devices and servers do it? Or getting an vpn router gives you even more anonymousness? > @MasonR said:
No it's not Verizon, it's Telekom.
It would, just WireGuard would be a much faster and arguably more secure alternative to IPSec. Plus running VPN per device gives you that moment of "did I turn the VPN on?", while if you have it on your VPN router - its always on, and everything is routed via the VPN, dns requests included.
But yeah, any VPN is better than no VPN (except most free VPN providers - avoid them like the plague, cause bandwidth costs money, and they will usually find a way to make their money back somehow, which can sometimes be your data, defeating the purpose of having a VPN).
Does trouble keep finding you or are you out looking for trouble?
Excuse me?
Never ever use your ISP router! Always use your own router and define as DNS Google or Cloudflare. One cheap and good option is Edgerouter X from Ubiquiti: https://www.ubnt.com/edgemax/edgerouter-x/
Note: Ask your ISP if they allow for their router to be put in bridge/modem mode. That way you will not have double NAT issues.
Excuse me? To quote Wireguard's own page:
He has to say that. It really is still way more secure than IPSec and others. It's quite stable too. It's performance and overhead are waaaaaaay better than any existing technology. He's extremely, extremely conservative with versioning. Honestly, I think he's just waiting until it's merged into Linux kernel before removing that. Even Linus Torvalds has called it, "A work of art".
Can't say that about anything unless it has been properly audited.
I could claim that cheap OEM Chinese routers are the most secure as well, because no vulnerability has been found yet.
There's a reason enterprises and governments use IPsec and not Wireguard.
Well that's the thing, it's completely opensource and auditable. With just over 4000~ lines of code. And now has been audited. https://courses.csail.mit.edu/6.857/2018/project/He-Xu-Xu-WireGuard.pdf
https://www.wireguard.com/papers/wireguard-formal-verification.pdf
And it's already been suggested for the US government to switch to Wireguard. https://phoronix.com/scan.php?page=news_item&px=WireGuard-Senator-Recommends
Opensource !== secure. Auditable !== audited. This has been proven many many times. Want a recent example? VestaCP.
The code was (and still is in places) a steaming pile of vulnerabilities - some of which have been there for several years.
Sorry to be a killjoy, but it will still be years before you see massive enterprise deployments of it.
I agree with this. My point, is that for someone trying to hide their internet activity from their provider, it's perfectly suitable and would provide better latency and overhead than other solutions. (provided they are using a good VPN provider)
But since I like to keep things on my own servers, Wireguard is really complicated to setup and it's cant be connected out of the box. And since is not stable it will require additional tinkering if something goes wrong on the way. I did test it however and the speed and ping benefits I got were really small but I guess the security is where it really counts.
WireGuard is far from complicated to set up. I find it about the easiest vpn server to set up manually. And I can fill my gigabit line with a simple 1cpu vps, while getting around ~5ms added to my original latency.
Based on your past threads you can't seem to catch a break.
Such judgefull and mean glad I'm not your costumer
if the glove fits; facts.
The term "can't catch a break" means that you keep running into bad luck. My posts were meant as jokes since you've never posted a positive thread on this site before.
I remember the day he arrived at LET, complaining about how utter bullshit LET community was and he'd rather castrate himself than be a part of the community.
And here we are, few months later.
k positive upcoming thread incoming
The TR069/ACS server can get a LOT of info from the routers, including a lot that isn't even exposed in the webUI even if you have a user with elevated privileges. It can also change a lot of hidden settings.
It's likely they can see everything connected to their router, the MAC address, the DHCP hostname, all of your wireless SSID's and Passwords as well as any port forwards.etc.
Well, guys love to say all of you have shared massive stuff here. This remains useful for me as well and recommends you keep sharing like this more with all.
I think he was a castrate before and just wanted to show off. I would say flex but it really doesn't apply in this case anymore.
Hmm. I heard vod/ cable does not work if you have your own router.... is it true? Also what router is recommended?
Remote lady can't control you penis up because too small
Getting your post count up?