Half bridge security

Hi folks!

LTE->ISP/Modem/Router->OpenWrt device->clients

On that configuration, does setting the ISP router to "bridge mode" (what's half-bridge really) lower the possibility for backdoors/man-in-the-middle attacks or something, because some parts of the OS are not running, e.g. firewall, NAT, etc.?

Is it worth gaining a small amount of security (if there is any) but losing the redundancy of a second router/wifi AP and having the wifi always on because of configuration access?

Silly question but what do you guys think?


Assuming all clients connect to the OpenWrt device, and it's configured as a router.

2x yes

What I thought about is if someone sneaks to the ISP router over a backdoor and sniffs my traffic or routes it to somewhere. So no routing, no problem... that's what I thought.
I don't know if this has ever been done on consumer devices, but I read that it's possible in theory and back doors have been found on some routers.

Am I too paranoid? :grinning:

Edit: It all comes down to the question: Will this pseudo (half) bridge mode (where the traffic is just forwarded to an Ethernet port) on the ISP router help on that issue?



But you're pretty safe, since DNS over HTTPS or TLS is more secure, and all sites use https anyway.


Thank you @frollic for your answers!

