TODO: write more

This is our attempt to document best practices for securing your packet radio node. This is primarily concerned with network security in regards to connecting your packet node to the Internet or 44net, rather than over-the-air security. The software used for packet radio is developed by amateurs who are doing this for fun, and thus may not follow many modern best practices. While there are likely very few people targeting vulnerabilities in packet radio nodes, it is wise to take these measures on your node.

If you are using an “AX.25 over internet” port on your BPQ node to connect to other nodes, we suggest using AXUDP rather than AXIP. AXUDP is an AX.25 packet encapsulated in UDP, and works better with modern firewall software. AXIP is minimally supported in modern firewall software and has caused significant issues for some FARPN node operators.

Configure your firewall with port forwarding only for your AXUDP port to your node, and if possible, only allow traffic from those you want to connect.