Jump to content

is this safe?

Guest
By Guest
in Networking
 Share
Posted

I making my own vpn with a rapsberry pi and am having trouble getting the upload to work (thats a different issue if you have input) but it still works with youtube and stuff (mainly download) so I am wondering is it safe to have the pi set as the DMZ Host? I don't really understand a ton about networking.

Link to comment
https://linustechtips.com/topic/883570-is-this-safe/
Share on other sites
Link to post
Share on other sites
Posted

When a device is set as the DMZ Host, *every* request coming from the internet that isn’t directed at something else (e.g. a reply to a client device’s request, or other things you may have port forwarded like a minecraft or other server) will be forwarded to it. This means that if you set up something on the Pi, it will be accessible to the internet. SSH waiting for someone to bruteforce and try dictionary attacks on you? Check. SMB or NFS file sharing with possible known bugs? Check. An improperly configured proxy or VPN that lets people into your network or to use your connection? Check. 

 

It is way safer to only forward the individual ports you need. Note that some types of VPNs, like PPTP, require other protocols like GRE to be forwarded to the Pi. Most routers have a section in their Firewall/NAT config for VPN Passthrough to help with this.

Looking to buy GTX690, other multi-GPU cards, or single-slot graphics cards: 

 

Link to comment
https://linustechtips.com/topic/883570-is-this-safe/#findComment-10914841
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Networking

×