[FS#1132] Default config exposes ipv4 UDP port 68 to the entire Internet
LEDE Bugs
lede-bugs at lists.infradead.org
Wed Nov 1 09:11:08 PDT 2017
The following task has a new comment added:
FS#1132 - Default config exposes ipv4 UDP port 68 to the entire Internet
User who did this - Arjen de Korte (arjendekorte)
----------
So what do you suggest to fix this then? Source filtering will not work for UDP traffic, since source addresses can easily be spoofed, so this will not protect your presumably vulnerable DHCP client from receiving malicious traffic from all over the internet (filtering on your ISPs edge routers will, but apparently you're less lucky than me in this respect).
----------
More information can be found at the following URL:
https://bugs.lede-project.org/index.php?do=details&task_id=1132#comment3741
More information about the lede-bugs
mailing list