js2

I have AT&T Gigapower with a Pace 5268AC, so not one of the modems discussed here.

I don't use its wifi and I have it configured for pass-thru mode. When I got service early this year, I briefly investigated bypassing it entirely. It turns out you need the modem to periodically respond to authentication packets from the AT&T network. But with some ingenuity, you can hang the router off an extra port on your own router and use it only for authentication purposes:

http://www.dslreports.com/forum/r29903721-AT-T-Residential-G...

I eventually decided not to do this because it's somewhat brittle and I didn't otherwise have any issues with the Pace. It's performance is fine.

But, given this disclosure, I'm going to revisit my decison. First, it seems like it's just a matter of time before the Pace has a similar security issue. Second, that kernel module for injecting HTTP advertisements. Just the idea of it bothers me.

js2
Update: I've moved the 5268AC behind my EdgeRouter Lite. I wasn't happy with any of the 802.1x proxies other folks wrote and/or they weren't working for me and/or I just wanted to write it in Python, so I wrote my own:

https://github.com/jaysoffian/eap_proxy