Who here /home server/?
I use mine for Plex and a home file server but I'm not smart enough to set up password authentication so my stuff is just open on some random ports. That's okay as long as hackers don't know what port it's on right?
Who here /home server/?
Justin Cox
John Phillips
>That's okay as long as hackers don't know what port it's on right?
>Set ssh to port 30025 a month ago
>Chinese botnet got a hold of it somehow and fail2ban engaged like a rotary cannon.
user...
Nathan Young
I'm giving you 24 hours to secure your shit before I turn on ipconfig and pwn you!
Larping aside, you should secure it or use a firewall to make sure it isn't accessible from the internet.
Jaxson Jones
If you cant set up authentication just block the port through you're router
Henry Price
>home server
Home servers are a meme
Angel Ross
I set one up not too long ago, using it mainly as a file server and eventually a print server once things get moved
Torrent daemon as well
Noah Thompson
The ports are obviously open in the server, inside the subnet and NOT outside the router.
Nothing wrong with that. Unless he's a high risk target, even then any router with default configuration won't give you direct access from the outside just randomly.
Sebastian Clark
nmap and shodan.io
Also JS from website can scan your local network, report things back to server and it can try scan the network from outside.
Ayden Smith
Same, an old C2D laptop with a huge ass external drive as a Plex-, FTP/File-, BBS-, torrent-server.
Plex with a Wii U is comfy as fuck.
Kevin Sanchez
Okay.
That would be fine.
His wifi password is the weakest link at that point.
Luke Phillips
>Security though obscurity
No. Stop being stupid.
Also, people can easily port-scan you, and they actually will.
Liam Bell
Put your tinfoil hat back on.
Even a router from 2014 with a firewall won't let you portscan the local network.
Christopher Sanders
It depends whether we're talking about just the local network or exposed to the open internet.
My SSH server and HTTP server gets hundreds of random login attempts and accesses to shit like .htaccess every day.
Gavin Gonzalez
>It depends whether we're talking about just the local network or exposed to the open internet.
OP does not know shit like he said, he probably hasn't opened any ports to the outside from the router itself.
See
Aiden Rivera
>hundreds
or thousands
Easton Wood
If it's open to the internet, you're fucked.
Go to shodan.io, search for 'iomega,' and have fun.
Jordan Davis
I just checked my sshd log, and yesterday there was 2231 lines, and 86 unique IP addresses.
James Butler
I don't really know what you mean inside or outside the router but I followed a guide on port forwarding so I can host a Minecraft server for my friends
Easton Perry
Why do you idiots have Internet-facing SSH?
Angel White
Because I want to SSH into it from the outside. Securing SSH isn't even hard.
- Disable root logins
- Key-only authentication
- fail2ban if you want to go even further
Landon Butler
>having an ssh port open to the Internet
Set up a VPN you fucking idiot.
Austin Garcia
Why? SSH works fine.
Key-only authentication is the real killer. If they can get past that, they deserve to get in.
Jeremiah Parker
Or have it autoban after 10 bad log in attempts? Or set up something like Kerberos?
Kayden Garcia
>they actually have Internet facing ports besides 80,443,or a vpn daemon port
Why do you hate security?
Carter Gonzalez
I have an email sever set up as well, so that's like an additional 8 ports that are open.
John Harris
You're running an email server from your home network?
Damn, son. Rip.
Logan Nguyen
Dude, are you sure literally anyone gets your mail? Most antispam filters auto block all mail from dynamic IPs.
Camden Cooper
Sausage fingered enter too early. Email server is the only thing I don't home-host. I rent out a VPS from RamNode and use iRedMail.
Hudson Reed
My IP address hasn't changed in like 5 years.
I've got most of the major email services to accept them, except Microsoft.
I think it's because my fucking ISP doesn't do reverse DNS.
Joshua Collins
Nah microsoft antispam is the dumbest
I work for a hosting company and we literally move to 3rd party smtp relays due to microsoft not responding or just having shit communication ("what are you talking about, you're not blacklisted??" when absolutely zero email arrived from our IP to outlook address)
Noah Morgan
>ISP doesn't do reverse DNS
Aye, that's what kills me. My ISP reverse DNS to pool.nyc.fios.verizon.net
Which just is instakills any hope I have for sending mail.
Landon Johnson
>Kerberos for a SOHO network
Sup Forums ladies and gents
Jaxon Gray
...
Dominic Collins
You're the only meme in this thread.
Nicholas Peterson
should I use Arch or CentOS for my new home server?
Colton Rogers
All of the stuff I want to do shouldn't be attached to my home network. That being said you guy should all check out tinc for a home mesh network.
Lincoln Stewart
PS3 media server FTW
Aaron Peterson
>Arch for servers
Noah Nguyen
>Arch
>server
kek
Just go Debian or CentOS.
Juan Mitchell
I've only ever used SSH for my servers. What the fuck are you on about? When would ever NOT have an "internet-facing" SSH?
Angel Hernandez
I'm sorry that I leave the house