Sorry if this is out of scope for /r/networking but I'm hoping to approach this from the NOC side of residential ISPs.
I'm working with an IoT company that is seeing a rash of devices being automatically blacklisted by their customers' home WiFi routers after they factory reset the IoT device and then re-configure it. The working theory is that it is caused by the IoT device repeatedly trying to connect back to the WiFi network with an incorrect password until some sort of brute-force protection kicks in and blacklists the MAC address. They have one case solidly confirmed, because the customer was actually able to find the menu on the router admin page that showed the blacklisted MAC address. If the IoT company sends the customer a new device (thus a new MAC, but same hardware/antenna configuration) then their problem is resolved 100% of the time.
I'm working with their customer support team to try to gather ISP and AP demographics from the impacted customers, but I was hoping somebody here would have some firsthand knowledge about who might run this type of security configuration by default and/or the specifics of this behavior so we can alter the device to be less aggressive.