What information can my ISP see from my router?
I installed a new router today and saw my IP address change because the new router has a different MAC address, and I am just curious about what information my ISP can see from my network.
I know they log the WAN MAC address and can figure out the manufacturer with the OUI. What about the router host name and other MAC addresses, like the LAN and wireless MAC?
Solution 1:
I know they log the WAN MAC address and can figure out the manufacturer with the OUI. What about the router host name and other MAC addresses, like the LAN and wireless MAC?
The short answer: Depends on the ISP. In general, ISPs mainly track your usage and habits. This article on Lifehacker gives a good overview of the type of tracking that can be done on your usage without going past the WAN connection.
But as far as breaching past the WAN connection and into your LAN? Well, in general, one should assume their ISP is operating within basic common carrier rights & privileges. Meaning they just won’t probe your internal router info. Which they honestly can’t if you are using a store-bought router hooked up to their network.
The “if” comes from users who use ISP-provided equipment, such as combo modems/routers. If it’s the ISP’s equipment, you need to assume they are retaining some root-level control on the device so they can handle remote firmware upgrades.
Here in NYC I seem to recall Verizon bricking tons of modems with a badly deployed firmware push about 10 years ago. I did dig up this article on how Comcast pushes (or pushed?) firmware updates. And I found this article on how British Telecom’s router firmware seems to set up a management IP address explicitly for “firmware” updates, but then again who knows how much access they have with that level of access.
Robert Graham of security firm Errata said that many Internet service providers make custom firmware for the modems they sell, and this typically has a management "back-door" so that the ISP can monitor or control the modem.
So if you are truly worried about an ISP-provided piece of equipment going past the WAN and into your network, then I would recommend seeing if that ISP device can be made to behave like a modem in “bridge mode” and then purchasing another router that would connect to that modem and handle all routing. That way all of your network’s “heavy lifting” happens on equipment you have purchased and you control.
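An added example, not part of the original question or answer: assuming the ISP assigns the WAN address over DHCP, this Python sketch parses a DHCPDISCOVER and lists the identifying fields such a request can carry (WAN MAC and OUI, plus the host name, vendor class and client ID options when the router sends them). The packet is constructed for the demo, with a MAC from the documentation range and made-up host name and vendor strings; `build_sample_discover` and `wan_disclosure` are hypothetical names.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"   # DHCP magic cookie (RFC 2131)
OPTS = {12: "hostname", 60: "vendor_class", 61: "client_id"}  # RFC 2132 codes

def build_sample_discover(mac: bytes, hostname: bytes, vendor: bytes) -> bytes:
    """Constructed DHCPDISCOVER for the demo; not captured traffic."""
    # op=1 (request), htype=1 (Ethernet), hlen=6, hops, xid, secs, flags
    hdr = struct.pack("!BBBBIHH", 1, 1, 6, 0, 0x1234ABCD, 0, 0)
    hdr += b"\x00" * 16                  # ciaddr, yiaddr, siaddr, giaddr
    hdr += mac.ljust(16, b"\x00")        # chaddr: client hardware address
    hdr += b"\x00" * 192                 # sname + file, unused here
    opts = b"\x35\x01\x01"               # option 53 = DHCPDISCOVER
    opts += bytes([12, len(hostname)]) + hostname
    opts += bytes([60, len(vendor)]) + vendor
    opts += bytes([61, 7, 1]) + mac      # client id: hardware type 1 + MAC
    return hdr + MAGIC + opts + b"\xff"  # 255 = end of options

def wan_disclosure(pkt: bytes) -> dict:
    """Return the identifying fields a DHCP server can read from a request."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP packet")
    if pkt[1] != 1 or pkt[2] != 6:
        raise ValueError("not an Ethernet client")
    mac = pkt[28:34]
    seen = {"wan_mac": mac.hex(":"), "oui": mac[:3].hex(":"),
            # bit 0x02 of the first octet marks a locally administered MAC,
            # for which the OUI says nothing about the manufacturer
            "locally_administered": bool(mac[0] & 0x02)}
    i = 240
    while i < len(pkt) and pkt[i] != 255:
        if pkt[i] == 0:                  # pad option, single byte
            i += 1
            continue
        if i + 2 > len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        code, length = pkt[i], pkt[i + 1]
        value = pkt[i + 2:i + 2 + length]
        if code in OPTS:
            seen[OPTS[code]] = (value.hex(":") if code == 61
                                else value.decode("ascii", "replace"))
        i += 2 + length
    return seen

if __name__ == "__main__":
    sample = build_sample_discover(bytes.fromhex("00005e005301"),
                                   b"home-router", b"example-dhcp-client")
    for field, value in wan_disclosure(sample).items():
        print(f"{field}: {value}")
```

Running the same parser over a capture of your own router's WAN-side DHCP request shows which of these optional fields it actually sends.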