UPnP allows literally any random piece of software inside your network to open and forward arbitrary ports on your firewall. Bad idea!
Within my risk appetite on trusted network segments. I have bigger issues if malware is operational within the trust boundary; it can do what it needs using outbound connections just fine (recon, lateral movement, etc.). Your risk appetite might differ.
Why are you running software that randomly opens firewall ports?
Malware. Got any no-name IoT devices on your network? Got some Huawei-built hardware anywhere? Playing some new indie game from developers in Romania?
I had to install OpenWrt on my router so that I could restrict access to UPnP by MAC address just to my gaming PC (imo this should be standard on any router as an advanced setting, most are just UPnP yes/no) so that I can still play online games.
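One way to get a per-host restriction like the one described in the last comment, as an added example that is not from any poster in this thread: OpenWrt's miniupnpd package reads permission rules from `/etc/config/upnpd`, and those rules match on internal IP address, so this sketch pins the PC's MAC to a fixed address with a static DHCP lease first. The MAC, IP address and host name are constructed placeholders, and the IP-via-static-lease approach is an assumption, not necessarily what the poster configured.

```uci
# /etc/config/dhcp  (constructed values: name, MAC and IP are placeholders)
# Pin the gaming PC to a fixed address so the UPnP rules below can name it.
config host
	option name 'gaming-pc'
	option mac 'AA:BB:CC:DD:EE:FF'
	option ip '192.168.1.50'

# /etc/config/upnpd
config upnpd 'config'
	option enabled '1'
	option enable_upnp '1'
	option enable_natpmp '1'
	# secure_mode: a client may only request mappings that point at its own IP
	option secure_mode '1'
	option internal_iface 'lan'
	# log mapping requests so refused and granted forwards can be reviewed
	option log_output '1'

# Permission rules are checked in order; the first match decides.
config perm_rule
	option action 'allow'
	option ext_ports '1024-65535'
	option int_addr '192.168.1.50/32'
	option int_ports '1024-65535'
	option comment 'Gaming PC only, high ports'

config perm_rule
	option action 'deny'
	option ext_ports '0-65535'
	option int_addr '0.0.0.0/0'
	option int_ports '0-65535'
	option comment 'Default deny for every other host'
```

Because the rules match on IP rather than MAC, the restriction is only as strong as address assignment on that segment; untrusted devices are better kept on a separate interface that is not listed as `internal_iface`.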