Cyber Security

Ubiquiti UDM Pro and pfSense: Stop sending unauthorized traffic | by Teri Radichel | Biting Bugs | April 2024

esteria.white
By esteria.white Add a Comment

If traffic is blocked multiple times, stop sending it

I look at my logs and there is constant ICMP IPv6 traffic coming out of Ubiquiti UDM Pro even though it is blocked on the network. You would think that a network device made by networking experts would detect if a protocol is not allowed outside of it and stop sending it in that case, right?

At most check once like every 24 hours to see if it has been activated or after any network change, not every few seconds.

The same goes for everything related to pfSense, Apple and Microsoft applications.

Additionally, there are many other blocked ports, protocols, and domains that the UDM Pro keeps trying to reach. The pfSense is a bit better because it only speaks periodically for some things, but for others it continues to forward traffic. There no longer appears to be a way to completely disable IPv6.

Any network device, operating system, or browser programmed by people with knowledge of networking should check if a protocol, port, domain, or IP address is blocked and stop sending messages there. Maybe you have a status panel showing which ports, protocols, IP addresses, or domains are blocked with a “test again” button that will re-run whatever was blocked.

Follow for updates.

Teri Radichel | © 2nd sight laboratory 2024

About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight Lab
Need Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for Presentation
Follow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
❤️ Sign Up my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab

Leave a comment
Lost your password?