this post was submitted on 15 Sep 2025
732 points (98.0% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
64213 readers
522 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
🏴☠️ Other communities
FUCK ADOBE!
Torrenting/P2P:
- !seedboxes@lemmy.dbzer0.com
- !trackers@lemmy.dbzer0.com
- !qbittorrent@lemmy.dbzer0.com
- !libretorrent@lemmy.dbzer0.com
- !soulseek@lemmy.dbzer0.com
Gaming:
- !steamdeckpirates@lemmy.dbzer0.com
- !newyuzupiracy@lemmy.dbzer0.com
- !switchpirates@lemmy.dbzer0.com
- !3dspiracy@lemmy.dbzer0.com
- !retropirates@lemmy.dbzer0.com
💰 Please help cover server costs.
 |
 |
|---|---|
| Ko-fi | Liberapay |
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Never turn on uPnP for external use, its a way to let hackers manipulate your network. It should never have existed as an option.
You should have pretty much everything on your router disabled for access from machines on the external network side of the router.
The typical example is the web admin interface, which should never be enabled for access from outside, only for access from machines on your internal network. The same applies to all other sorts of control interface, be they human interfaces or machine interfaces.
For any machines reaching it from the outside network interface the router should look the same as the most basic, dumbest router there is with no way to configure or control it.
So, yeah, enabling uPnP for external use is asking to be hacked, probably worse even that enabling the web admin interface for external access since the latter usually has username:password authentication, which although pretty crap (most people don't even know its there and leave it at default and when not it often has character limitations that make it guessable or possible to brute force) it's still way better than NO AUTHENTICATION WHATSOEVER which is what uPnP has.
Our ISP ships new routers that are admined from the cloud via a phone app. Its a disaster waiting to happen, so I told them I'm keeping my old outdated modem as a bridge and bought my own router.
Yeah, I do the same thing.
Curiously, the installer of my ISP - which is one of the smaller ISPs around here - says it's very common for their clients to just want the ISP's box to do bridging (or even just act as a Fiber-modem) and use their own router behind it.
Guess the techies tend to flock to the more obscure ISPs that pretty much just provide "data pipe to the Internet" rather than use the big ISPs which tend to do stuff like push their own TV Boxes and even bundles of Home Internet + TV + Mobile.
I am very happy with this ISP - cheap, fast, reliable, no bullshit.
Yeah we had the bundle from a big ISP, home phone, TV, and unlimited internet and 10 email addresses. As kids moved out etc. We dumped home phone, and TV, just internet now as a bridge. I'd move to another provider but I still have 5 people using the email addresses; and for mine I'm slowly moving all my signups and bills over to another email so we can eventually make an easy switch.