[proxy_user]

Can you explain why a router maker would allow someone on the external internet to connect to the http interface? Surely, such a router should only allow a dhcp client to do this, and it should certainly know their IP addresses.

What is this stuff about malicious sites? Does that just give them an IP address to attack by trying to connect back to the router?

[George W. Bush]

Can you explain why a router maker would allow someone on the external internet to connect to the http interface? Surely, such a router should only allow a dhcp client to do this, and it should certainly know their IP addresses.

They literally mean 'drive-by'. As in connecting to and controlling the router wirelessly and reflashing its firmware (or just reconfiguring it) to stage man-in-the-middle attacks. They're talking about your neighbors in high-rises and apartment buildings attacking you via the router. Or in public hotspots or airports.

There are a number of attacks occurring in airports too. People who have enabled XP's Peer-To-Peer networking service and who take advantage of a "Free Internet" hotspot are connecting to a pirate trying to plant stuff on their shared folders/drives or who are staging man-in-the-middle attacks when they connect to corporate/banking/shopping sites. Many of these attackers are operating currently in major airports, universites, etc.

Lock down your wireless laptop and your router.