Hi, with regards to a GL-x3000 router using the latest firmware v4.7, when opening the Wireguard Client page I get requests to static.gl-inet.com, and ad-api.gl-inet.com.
There are cell-site simulator(s) in heavy use in my area of the UK. Consequently I would like to avoid any unnecessary outbound dns requests unless explicity allowed.
The most common form of attack on me presently is the perpetrators setting themselves up as an MITM IPv6 resolver through which they inject some nefarious javascript code. This then contacts a c2 server. Many of these c2 servers are based on cloud servers such as cloudfront and amazon web servers (ip usually beginning with '52.') .
This is an image of my firewall preventing such a request here:
You can see the IP address change despite the same url.
Can we clean up the VPN page a little to prevent the outbound requests on opening please?
I have another issue with regards to wifi being enabled straight after a Uboot firmware flash. This is potentially another attack vector. I always flash using a lan cable anyway. Any chance of disabling wifi by default?