it's funny how a final year student can open up the eyes of experts & technical staffs at TM...i give u crdt on this rizvan...u really know ur stuff...and i can see that u will have a bright future in the network/security field if u are in it...

to me, they can have or enable the remote management but not set the source of IP to 0.0.0.0...that's like inviting everyone to your router...what TM could do is set a specific IP that could access that router...eg. for this area/block of users, only IP 202.108.0.133 can access that router...this will slightly narrow down the possibility of an intrusion, but not totally....all IT/network/security experts should know that no system or machine is 100% secured...also, TM should crack their heads to harden that busy box...ever heard of soekris or magic box?...small as they are, big on their capabilities...

juz my 2 cents

yup...i totally agree with u that it will still invite potential danger by enabling the remote management but TM have their justification to do so...my previous suggestion was to have the risk of potential intrusion slimmer...the best that can be done is to find a solution that could satisfy both parties, security for users, convenience for TM...they will need to crack their heads...hehehe...