[FS#1132] Default config exposes ipv4 UDP port 68 to the entire Internet
LEDE Bugs
lede-bugs at lists.infradead.org
Wed Nov 1 08:29:26 PDT 2017
The following task has a new comment added:
FS#1132 - Default config exposes ipv4 UDP port 68 to the entire Internet
User who did this - Arjen de Korte (arjendekorte)
----------
To prevent customers accidentally (or maliciously) DHCP service providing to or using from other customers, also known as [[https://en.wikipedia.org/wiki/Rogue_DHCP]].
Having said that, you still have not convinced me that this is a real world problem. See my initial reply. I have literally never seen any malicious traffic on UDP port 68. I have been monitoring this port since I first switched my ISP provided router to bridge mode sometime in 2007 and used a Linux box as router/firewall. Either I'm the luckiest man in the universe, or this traffic is filtered out routinely by the half dozen or so ISPs I went through since then.
----------
More information can be found at the following URL:
https://bugs.lede-project.org/index.php?do=details&task_id=1132#comment3739
More information about the lede-bugs
mailing list