Ever wondered why they keep telling you to NOT have remote admin enabled? Let's take the DLink DIR 865L, a Starhub-issued Router:
All it takes is a little knowledge of HTML, and knowledge of the direct URL to get to the relevant pages where sensitive information is revealed WITHOUT having to log in.
1. Email Address used to register with mydlink and ALL MAC Addresses of the router (only one MAC Address is shown below for illustration purpose):
2. The internal IP Addresses and device name of all DHCP clients:
3. WPS Pins that can be generated by the router, INCLUDING the Default PIN:
DLink provides you protection by not enabling remote access as a default. So why go and enable it with all these risks? You might be opening yourself to potential phishing attempts if someone masquarades as a DLINK official by sending you a spoof email using the information that is easily gathered through the above means.