• 0 Posts
  • 23 Comments
Joined 1 year ago
cake
Cake day: November 19th, 2023

help-circle











  • It does matters if you expose your IP.

    That’s why tunnels like Cloudflare and AWS exists to serve your home services to the public without exposing your IP. https://www.kali.org/tools/routersploit/ is a tool for example to target routers, if bad hackers can make botnet to brute force your servers 24/7, they can implement other exploits and you better don’t take any mistake any day.

    The only safe device is the one isolated from internet and others connections. If you really want to learn to have your own home lab, then learn it → https://tailscale.com/ and stop being lazy, there is no need to expose your IP, there is absolute no reason unless you are that lazy, but even you said you prefer paying a cheap VPS than messing with it.

    Say it again, let’s keep this loop going, but work a bit more on your responses.



  • I’m getting a bit tired of your replies.

    Basically you learn everything from start to finish. Maybe you could even setup a proper VM host using proxmox or something.

    The cost of a server at home as you are saying is much more than hiring it online. The only difference is how you boot the BIOS to install the ISO burned into a USB. A hosting service would require you to do it different, and you will anyway learn it in this way, which could help you in the future to deploy some product ready or for your work. So there is no difference at all, and you also need to secure it.

    So as expected it isn’t really risky as long as you take the appropriate security actions.

    I don’t know if you really read it. It is saying that you can never expect when a new 0-day vulnerability comes out. Like: https://venafi.com/blog/ssh-vulnerability-allows-authentication-without-password/ → “attacker could successfully authenticate without any credentials”

    A VPS doesn’t solve any security issues with your website itself.

    Yeah, it solves that they only infect your server on a hosting provider and not your home where you have your phone, router, more devices where they can test more exploits to them. Also, your hosting provider normally also monitors for suspicious requests so if it is infected, your provider will inform you of suspicious activities.



  • I’m of course referring to a real DMZ and not a DMZ host.

    Maybe but why would it matter, especially enough to pay cloud bills?

    Because we are talking home-made stuff, we didn’t talk about a real firewall or any infrastructure, and even doing that is much more expensive than the cheap VPS.

    I have a cheap VPS for my website but that is just because I’m behind a CGNAT and I won’t bother to solve that.

    Same, that’s why I am saying there is no need to expose your IP, unnecessary risks.




  • I already have my own router, even if a web server is safer, you are still exposing your IP which is what I don’t want to do. DMZ doesn’t solve anything, is just worse than setting up a port forward as you are opening all the ports to the server at home, your server at home has access to all your network so once infected by any 0-day exploit, you are fucked up.

    I just hire online servers and I have my own Ansible playbooks to manage those servers, this way I don’t provide my real IP (my home) to anyone.