View Single Post
Old 26-07-2020, 08:53 PM   #12
TanKianW
Master Member
 
TanKianW's Avatar
 
Join Date: Apr 2005
Posts: 3,245
To disable UPNP seems also quite problematic for consumers.

Peer-to-peer applications, game servers, and many VoIP programs, seem to rely on upnp.

How do you sort this out if you need to use various VOIP programs, say for work, now that it is common to work from home?
Yes, i agree. UPNP is convenient for consumers out there. But there is no easy way out if you want security.

For my case, I will still manually port forward the common ports at the firewall for programs. Load pfblockerNG's IP/DNS filter, do up a whitelist, download the blocklist from the different category you wish to block. Then pre-load the IDS/IPS security list on SNORT (by Cisco) based on the selected security level. Lastly, run the common programs and go through the firewall again. Unblock any causing it not to work or detected as false positive.

In recent years, the block list in pfblockerNG and SNORT getting more and more refined, due to the widespread of community support, the % of false positive is also pretty low.

Snort list:


pfblockerNG feed lists:
__________________
春有百花秋有月,夏有凉风冬有雪;若无闲事挂心头,便是人间好时节。

Last edited by TanKianW; 26-07-2020 at 09:02 PM..
TanKianW is offline   Reply With Quote