Comment by bandrami
1 month ago
True, the frame is addressed to the router's hw interface but I'm talking to people who think NAT drops traffic so I figured keep it simple
But, yes, the ISP (or whoever has compromised/suborned/social engineered the ISP) is absolutely the main worry here and I don't understand how people are dismissing that so easily
> I don't understand how people are dismissing that so easily
Because that’s not where 99.9999% of attacks come from
Fire up a web server on a public ipv4 address and you’ll get hundreds of requests per day from bots probing endpoints for vulnerabilities. Same thing goes for weak passwords on an SSH endpoint.