| ▲ | tda 4 hours ago |
| Yes my router has open ports, but it does not do any port forwarding. So I can 'directly' connect any device behind my router without my router needing to know any specifics of which device that is. And I don't need to do any port forwarding of anything on my network and thus expose them to the whole internet; I just expose them to the users of my tailscale network (only me) |
|
| ▲ | toomuchtodo 4 hours ago | parent [-] |
| Does your router not support UPNP for dynamic port punching? |
| |
| ▲ | bityard 3 hours ago | parent [-] | | UPnP allows literally any random piece of software inside your network to open and forward arbitrary ports on your firewall. Bad idea! | | |
| ▲ | gzread 32 minutes ago | parent | next [-] | | Why are you running software that randomly opens firewall ports? | |
| ▲ | toomuchtodo 3 hours ago | parent | prev [-] | | Within my risk appetite on trusted network segments. I have bigger issues if malware is operational within the trust boundary, it can do what it needs using outbound connections just fine (recon, lateral movement, etc). Your risk appetite might differ. |
|
|
