Right, but what hardware and software do you trust to run the router and how do you predict the MAC address? There are several Respects Your Freedom wifi access points which might work. Maybe you could white list your known MAC addresses and drop everything else, but then the Intel firmware might just use the MAC address you have whitelisted. The only real solution is to disable the Management Engine or replace it's firmware with free software.
In the mean time, logging traffic to spot odd packets is a great idea. People should document and publish malicious traffic from their networks. On Thursday 28 January 2016, Daniel Tarrero wrote: > > But you can put a firewall on a router externally to block ME packets > > escaping your network if you know where they come from. > > that was the idea, maybe i didnt explain myself propperly.
