Running a packet radio node is absolutely a security vulnerability for your network. The software used for packet radio is developed by amateur radio operators, in a non-professional capacity.
The purpose of this article is to highlight precautions to take when connecting your node to the Internet. Thus, we are not considering exploits through over-the-air routes, as these are largely hypothetical or difficult to carry out.
When configuring forwarding and routes over the Internet to other BPQ nodes, use AXUDP and not AXIP. AXUDP works better with modern firewalls, while AXIP generally presents trouble.