>>22296Router side protection is your main defense. You can run shitty outdated software on your device under a good router and that router will do most security for you but bad ones potentially leave your whole network vulnerable. Especially with the amount of automated port scanning going on. I would say it's worth it to ditch ISP provided router if possible and/or find some kind of foss up to date firmware for your new one. Many older routers are supported though if you find the model on a list of supported devices a used one shouldn't be much, that's what i did, was like maybe 30$.
Think freshtomato, OpenWRT, DD-wrt something and then keep on new updates for it. Of all the things to ignore and run unpatched/outdated versions of, router firmware is the worst one.
https://en.wikipedia.org/wiki/List_of_router_firmware_projectsAlso here's a good site that is doing exactly what you should be worried about, mass scanning and searching for vulnerable routers/devices. You can search by manufacturer, OS, IP, etc and see how many open devices are sitting around. No wonder botnets are so common now.
https://www.shodan.io/