egc DD-WRT Guru
Joined: 18 Mar 2014 Posts: 12837 Location: Netherlands
|
|
Alozaros DD-WRT Guru
Joined: 16 Nov 2015 Posts: 6410 Location: UK, London, just across the river..
|
Posted: Mon Nov 21, 2022 13:31 Post subject: |
|
Fried Chicken wrote: | Is there a risk of a bad actor joining a network, spoofing DNS queries and redirecting to a phishing (or similarly bad actor) IP address? |
There is always a risk if the bad actor joins the network...with or without mDNS turned on...
mDNS helps for local discovery and acts only on the local level (internal LAN)...and you can specify the interface that it will work on too...have a read the mDNS guide made by our noble guru egc https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=331904
So, its up to you to not let the bad actors to access your main network...or if you have those concerns about your IoT or untrusted devices you need to isolate those on a vlan with or without WAN access... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913 |
|