It is best apply to have all interface passive by default, then specify which interfaces ought to run OSPF (solely the interfaces the place you are anticipating to type an adjacency). Your interfaces/VLANs that hook up with customers ought to be passive.
BGP would not type neighbors the identical approach as OSPF/EIGRP since you might want to manually set peer IPs and AS, so its extremely unlikely for consumer gadgets to establishing peering, although you possibly can nonetheless set ACLs and a key to lock it down additional