I'm considering installing the UPnP daemon on some home/home office boxes, and I'm curious what the security issues are. >From my own (simple) analysis, the worst that could happen is a malicious >application could ask for many, many (almost all?) of the ports above 1024 to >be routed to a machine, and that an external attacker might be able to use all >the port forwards to control said malicious program from the internet and >perhaps wreak havoc on the LAN net and maybe even the pfSense box (with a >keylogger and sniff the pw for the pfSense admin).
This is assuming I don't use the custom rules that I can specify. (which I could use to mitigate some of the damage) Did I miss anything? Thank you for your comments.
