Obitalk202 hacked, pwned. No fix?
Mango:
Quote from: AnotherVictim on May 11, 2018, 01:39:13 pm
If there was a way to tell the Obi202 "only take unsolicited packets if they originate from..." and give them a range specific to GVoice, that might do the trick.
You're describing a "restricted cone NAT" router. You don't even have to configure an IP range; it will be detected automatically. The router I use is called Tomato firmware, but there are probably many other good ones. Unfortunately Tomato isn't compatible with Arris hardware, but here's a list of compatible hardware http://tomato.groov.pl/?page_id=69 if you're interested.
GPz1100:
Mango, can you post a screen shot of what this setting looks like in tomato?
Mango:
There isn't a setting for it on Tomato; it's the default/only behaviour.
Some routers have a setting called something like "secure UDP session control" which does the same thing.
AnotherVictim:
Thanks, gpz. Mind you, I haven't touched any configs in 3? years and my router configuring, which yes I used to have a good grasp on, was longer thsn that. I just haven't had any recent need to look at it. IIRC the instructions to set up the Obi202 only allowed one wsy to set it up UNLESS your router would also allow use of the specific IP range that OBI worked with, or vice versa, and the Comcast sanctioned routers, of which the Motorola/Arris Surfboard series were the best, simply could not both use the same range. So, whatever it was out of the box, was all it ever can be. Looking at a new Netgear Nighthawk, also not perfect but Comcast limits choices, to replace it. And I'll look into configuring that for the stateful gateway.
But someone out there is foing DOS attacks on Obi boxes.
Navigation
[0] Message Index
[*] Previous page