Thread replies: 41
Thread images: 4
Thread images: 4
File: Screenshot_2017-07-13-13-30-25.png (2MB, 2560x1440px) Image search:
[Google]
2MB, 2560x1440px
Who here /home server/?
I use mine for Plex and a home file server but I'm not smart enough to set up password authentication so my stuff is just open on some random ports. That's okay as long as hackers don't know what port it's on right?
>>
>>61361719
>That's okay as long as hackers don't know what port it's on right?
>Set ssh to port 30025 a month ago
>Chinese botnet got a hold of it somehow and fail2ban engaged like a rotary cannon.
Anon...
>>
>>61361719
I'm giving you 24 hours to secure your shit before I turn on ipconfig and pwn you!
Larping aside, you should secure it or use a firewall to make sure it isn't accessible from the internet.
>>
If you cant set up authentication just block the port through you're router
>>
>>61361719
>home server
Home servers are a meme
>>
>>61361719
I set one up not too long ago, using it mainly as a file server and eventually a print server once things get moved
Torrent daemon as well
>>
>>61361764
>>61361766
>>61361788
The ports are obviously open in the server, inside the subnet and NOT outside the router.
Nothing wrong with that. Unless he's a high risk target, even then any router with default configuration won't give you direct access from the outside just randomly.
>>
nmap and shodan.io
Also JS from website can scan your local network, report things back to server and it can try scan the network from outside.
>>
>>61361719
Same, an old C2D laptop with a huge ass external drive as a Plex-, FTP/File-, BBS-, torrent-server.
Plex with a Wii U is comfy as fuck.
>>
>>61361872
Okay.
That would be fine.
His wifi password is the weakest link at that point.
>>
>>61361719
>Security though obscurity
No. Stop being stupid.
Also, people can easily port-scan you, and they actually will.
>>
>>61361958
Put your tinfoil hat back on.
Even a router from 2014 with a firewall won't let you portscan the local network.
>>
>>61361973
It depends whether we're talking about just the local network or exposed to the open internet.
My SSH server and HTTP server gets hundreds of random login attempts and accesses to shit like .htaccess every day.
>>
>>61361999
>It depends whether we're talking about just the local network or exposed to the open internet.
OP does not know shit like he said, he probably hasn't opened any ports to the outside from the router itself.
See >>61361872
>>
>>61361999
>hundreds
or thousands
>>
>>61361719
If it's open to the internet, you're fucked.
Go to shodan.io, search for 'iomega,' and have fun.
>>
>>61362037
I just checked my sshd log, and yesterday there was 2231 lines, and 86 unique IP addresses.
>>
>>61362029
I don't really know what you mean inside or outside the router but I followed a guide on port forwarding so I can host a Minecraft server for my friends
>>
>>61361999
>>61362037
>>61362102
Why do you idiots have Internet-facing SSH?
>>
>>61362252
Because I want to SSH into it from the outside. Securing SSH isn't even hard.
- Disable root logins
- Key-only authentication
- fail2ban if you want to go even further
>>
>>61362267
>having an ssh port open to the Internet
Set up a VPN you fucking idiot.
>>
>>61362278
Why? SSH works fine.
Key-only authentication is the real killer. If they can get past that, they deserve to get in.
>>
>>61362278
Or have it autoban after 10 bad log in attempts? Or set up something like Kerberos?
>>
>>61362310
>>61362318
>they actually have Internet facing ports besides 80,443,or a vpn daemon port
Why do you hate security?
>>
File: 1377322948001.gif (147KB, 517x469px) Image search:
[Google]
147KB, 517x469px
>>61362454
I have an email sever set up as well, so that's like an additional 8 ports that are open.
>>
>>61362487
You're running an email server from your home network?
Damn, son. Rip.
>>
>>61362487
Dude, are you sure literally anyone gets your mail? Most antispam filters auto block all mail from dynamic IPs.
>>
>>61362541
Sausage fingered enter too early. Email server is the only thing I don't home-host. I rent out a VPS from RamNode and use iRedMail.
>>
>>61362541
My IP address hasn't changed in like 5 years.
I've got most of the major email services to accept them, except Microsoft.
I think it's because my fucking ISP doesn't do reverse DNS.
>>
>>61362571
Nah microsoft antispam is the dumbest
I work for a hosting company and we literally move to 3rd party smtp relays due to microsoft not responding or just having shit communication ("what are you talking about, you're not blacklisted??" when absolutely zero email arrived from our IP to outlook address)
>>
>>61362571
>ISP doesn't do reverse DNS
Aye, that's what kills me. My ISP reverse DNS to pool.nyc.fios.verizon.net
Which just is instakills any hope I have for sending mail.
>>
File: 1424894592762.png (157KB, 477x355px) Image search:
[Google]
157KB, 477x355px
>>61362318
>Kerberos for a SOHO network
/g/ ladies and gents
>>
File: L1News_20170404_International_Dracula_Pyramid_Scheme_Conspiracy.webm (3MB, 278x354px) Image search:
[Google]
3MB, 278x354px
>>61361719
>>
>>61361805
You're the only meme in this thread.
>>
should I use Arch or CentOS for my new home server?
>>
>>61361719
All of the stuff I want to do shouldn't be attached to my home network. That being said you guy should all check out tinc for a home mesh network.
>>
PS3 media server FTW
>>
>>61364569
>Arch for servers
>>
>>61364569
>Arch
>server
kek
Just go Debian or CentOS.
>>
>>61362252
I've only ever used SSH for my servers. What the fuck are you on about? When would ever NOT have an "internet-facing" SSH?
>>
>>61362252
I'm sorry that I leave the house
Thread posts: 41
Thread images: 4
Thread images: 4