Dynamic DNS

pxnguinPr3 · December 27, 2018

Hi, so Im trying to run a web server of my raspberry PI, and im trying to use noip.com, im using a BT Buisness router and was wondering before i used it, is there any security risk to any of the computers or NAS's on the network?

JohnDongus · December 27, 2018

There's always a risk opening any device to the internet. Just make sure your passwords are nice and safe and that you aren't running any versions of software that have known vulnerabilitys you can use this to search

https://www.cvedetails.com

It's most likely not nessisarry but if you want to check go ahead.

faziten · December 28, 2018

9 hours ago, pxnguinPr3 said:

Hi, so Im trying to run a web server of my raspberry PI, and im trying to use noip.com, im using a BT Buisness router and was wondering before i used it, is there any security risk to any of the computers or NAS's on the network?

Depends on how you set things up, here is a short list of good practices, try to get as many as you can. (Googling anything down below will result in a gazillion tutorials you can follow).

Configure the web service inside a DMZ to minimize the impact. (At least only this server gets compromized and not the entire network).

Virtualizes services. Since its a Raspberry it's kind of hard to virtualize but QEMU is always an option. (in case of compromise, only the VM gets owned not the entire machine).

Run only what you need. (If you dont need other services stop them.)

Run latest patched up servers (try to get a guide on how to harden your particular version).

Don't leave anything at default settings (no secondary accounts, not "test123" passwords, no "hidden" folders, etc.)

Log. Set every service to log access and behavior. Read said logs every time you can.