Write it down? On paper?

It's 2015, and you're using a computer. Take a screenshot of the config page. Save it somewhere. Job done.

No not necessarily on paper I never said that. Screen shot could be printed or your method used only if saved in multiple places in case one breaks down. I have a file that contains all my passwords, user names, router details, programs used, masses of stuff. It's on my PC, my phone, my tablet, and in an email box. Gets updated about once a week from notes on scrap paper taken during the week.

That's where I do my writing down.

I know that in some places it is CE2015 thank you but this is Thailand so it is BE2558.

But if your router goes caput the backup made on the old one does not always work as restore on the new one. That happened to me. I was forced to change brands of router. Write I down. Even if you have it saved on your PC that can fail at any time. Write it down.

If your routers gone "caput" and your PC fails, I don't suppose you'll be that worried about your Internet settings for a while.

**Some** ISPs actually use TR-069 CPE WAN Management Auto Configuration Agent that will 'request' the account provisioning data on a working line and auto-populate the WAN side router.

I discovered that TOT allows TR-069 when self-replacing an ADSL2+ TP-Link WiFi router with an off-the-shelf purchase.

The documentation TOT left me was written incorrect and left out critical settings. Looking at the setup options, I saw the TR-069 option and was curious. Using that, it auto-populated everything required for the WAN side, leaving me to complete the LAN side. Nice.

But if your router goes caput the backup made on the old one does not always work as restore on the new one. That happened to me. I was forced to change brands of router. Write I down. Even if you have it saved on your PC that can fail at any time. Write it down.

If your routers gone "caput" and your PC fails, I don't suppose you'll be that worried about your Internet settings for a while.

1 day. That's how long it would take to replace both pieces of equipment.

If its just a hard drive that's gone bad. 1hour to buy. 35, minutes to restore.

Piece of cake.

**Some** ISPs actually use TR-069 CPE WAN Management Auto Configuration Agent that will 'request' the account provisioning data on a working line and auto-populate the WAN side router.

I discovered that TOT allows TR-069 when self-replacing an ADSL2+ TP-Link WiFi router with an off-the-shelf purchase.

The documentation TOT left me was written incorrect and left out critical settings. Looking at the setup options, I saw the TR-069 option and was curious. Using that, it auto-populated everything required for the WAN side, leaving me to complete the LAN side. Nice.

Interesting stuff. And it looks like TOT did you a favor in getting the documentation wrong. First time of hearing something good about them.

**Some** ISPs actually use TR-069 CPE WAN Management Auto Configuration Agent that will 'request' the account provisioning data on a working line and auto-populate the WAN side router.

I discovered that TOT allows TR-069 when self-replacing an ADSL2+ TP-Link WiFi router with an off-the-shelf purchase.

The documentation TOT left me was written incorrect and left out critical settings. Looking at the setup options, I saw the TR-069 option and was curious. Using that, it auto-populated everything required for the WAN side, leaving me to complete the LAN side. Nice.

Can't say I'm ecstatic about TP-Link - when vulnerability alerts for routers are announced, their name is usually on the list.

Don't touch D-Link either.

**Some** ISPs actually use TR-069 CPE WAN Management Auto Configuration Agent that will 'request' the account provisioning data on a working line and auto-populate the WAN side router.

I discovered that TOT allows TR-069 when self-replacing an ADSL2+ TP-Link WiFi router with an off-the-shelf purchase.

The documentation TOT left me was written incorrect and left out critical settings. Looking at the setup options, I saw the TR-069 option and was curious. Using that, it auto-populated everything required for the WAN side, leaving me to complete the LAN side. Nice.

Can't say I'm ecstatic about TP-Link - when vulnerability alerts for routers are announced, their name is usually on the list.

Don't touch D-Link either.

Nothing wrong with d-link except True ADSL breaks them after a few months. 3BB doesn't.

2 Feb 2015 at 21:20, John Leyden

D-Link router DSL-2740R, and possible more like it, are allegedly vulnerable to DNS hijacking – which hackers can exploit to lure victims to dodgy websites and servers.

According to Bulgarian security researcher Todor Donev, the flaw lies in certain builds of ZyXEL's ZynOS firmware, which is used in network hardware from TP-Link Technologies, ZTE and D-Link. The affected kit is aimed at homes and small businesses.

Routers running the vulnerable software expose their internal web servers to the open internet, Donev claims, and allow anyone to remotely configure the devices without having to log in. An attacker just needs a victim's public IP address – which can be found by scanning the net – and fire off a HTTP request along the lines of:

http://x.x.x.x/Forms/dns_1?Enable_DNSFollowing=1&dnsPrimary=a.a.a.a

It sounds very similar to the vulnerabilities found in ADB Pirelli routers last month.

Donev went public about the D-Link vulnerability without notifying the affected vendors.

And I have a D-Link DIR-825 on my bench that I pulled from a client a month ago with the DNS servers changed to St. Petersburg. I opened a thread on it.

Security Suite vendors really need to add a DNS check and verify routine.

Security Suite vendors really need to add a DNS check and verify routine.

Or preferably make it impossible to modify the DNS with a crafted HTTP request!

Security Suite vendors really need to add a DNS check and verify routine.

Or preferably make it impossible to modify the DNS with a crafted HTTP request!

You're trying to take all the fun out of hacking and social engineering.

Security Suite vendors really need to add a DNS check and verify routine.

Or preferably make it impossible to modify the DNS with a crafted HTTP request!

You're trying to take all the fun out of hacking and social engineering.

I prefer to think of it as trying to stop Russian organised crime emptying people's bank accounts.