No, people are probing it right now. But looking at the logs, nobody has ever made it through. And I run a pretty basic setup, just Cloudflare and Authelia hooking into an LDAP server, which powers Jellyfin. Somebody who invests a little more time than me is probably a lot safer. Tailscale is nice, but it’s overkill for most people, and the majority of setups I see posted here are secure enough to stop any random scanning that happens across them, if not dedicated attention.
Comment on Jellyfin over the internet
EncryptKeeper@lemmy.world 1 month agoNobody is gonna bother wasting time hacking into your home server
They absolutely will lol. It’s happening to you right now in fact. It’s not to consume your media, it’s just a matter of course when you expose something to the internet publicly.
_cryptagion@lemmy.dbzer0.com 1 month ago
EncryptKeeper@lemmy.world 1 month ago
No, they are actively trying to get in right now. If you have Authelia exposed they’re brute forcing it. They’re actively trying to exploit vulnerabilities that exist in whatever outwardly accessible software you’re exposing is, and in many cases also in software you’re not even using in scattershot fashion. Cloudflare is blocking a lot of the well known CVEs for sure, so you won’t see those hit your server logs. If you look at your Authelia logs you’ll see them though. If you connect via SSH you’ll see those in your server logs.
You’re mitigating it, sure. But they are absolutely 100% trying to get into your server right now, same as everyone else. There is no consideration to whether you are a self hosted or a Fortune 500 company.
_cryptagion@lemmy.dbzer0.com 1 month ago
No, they are actively trying to get in right now. If you have Authelia exposed they’re brute forcing it.
No, they aren’t. Just to be sure, I just checked it, and out of the over 2k requests made to the Authelia login page in the last 24 hours, none have made it to the login page itself. You don’t know jack shit about what’s going on in another persons network, so I’m not sure why you’re acting like some kind of expert.
EncryptKeeper@lemmy.world 1 month ago
Yes they are. To suggest they’ve would be a statistical wonder.
2k requests made to the Authelia login page in the last 24 hours
Are you logging into your Authelia login page 2k times a day? If not, I suspect that some (most) of those are malicious lol.
You don’t know jack shit about what’s going on in another persons network
It’s the internet, not your network. And I’m well aware of how the internet works.
I’m not sure why you’re acting like some kind of expert
Well I am an expert with over a decade of experience in cybersecurity, but I’m not acting like an expert here, I’m acting like somebody with at least a rudimentary understanding of how these things work.
dbtng@eviltoast.org 1 month ago
And this is the start of the longest crypto nerd fight I’ve seen on Lemmy. Well done, people!
EncryptKeeper@lemmy.world 1 month ago
Not so much a fight as an exercise in futility lol
dbtng@eviltoast.org 5 weeks ago
Well, I might as well put a dog in the fight. I’m considering my final, actually secure deployment of nextcloud.
This discussion has convinced me that a vpn is the only answer.
And almost everyone says wireguard.K. Thats what I will build.
EncryptKeeper@lemmy.world 5 weeks ago
It’s not the only answer, but it’s the one that will get you the most secure with the least amount of effort.
Auli@lemmy.ca 1 month ago
What a bunch of B’s. Sure your up gets probed it’s happening to every ipv4 address all the time. But that is not hacking.
EncryptKeeper@lemmy.world 1 month ago
Anything you expose to the internet publicly will be attacked, just about constantly. Brute force attempts, exploit attempts, the whole nine. It is a ubiquitous t and fundamental truth I’m afraid.
mic_check_one_two@lemmy.dbzer0.com 1 month ago
Yup, the sad reality is that you don’t need to worry about the attacks you expect; You need to worry about the ones you don’t know anything about. Honeypots exist specifically to alert you that something has been breached.
SupremeDonut@lemmy.ml 1 month ago
Couple questions here.
What is a honeypot? I’ve only heard it in terms of piracy.
Also, what steps can someone take to reinforce this attack layer? You have an infograph or something people can google search their way through?
meltedcheese@c.im 1 month ago
@EncryptKeeper That’s my experience. Zombied home computers are big business. The networks are thousands of computers. I had a hacker zombie my printer(!) maybe via an online fax connection and it/they then proceeded to attack everything else on my network. One older machine succumbed before I could lock everything down.