Comment on Are you exposing any ports on your home server?
roi@lemmy.blahaj.zone 1 year agoFor lots of things I self host that I wanna expose, I’ll just open a random port like 6952 and then reverse proxy w/ nginx on my web server. Not sure how secure it is, but it works
cestvrai@lemm.ee 1 year ago
Ports are probed and scanned constantly so a random port doesn’t make so much difference. I would use a strict firewall with the server IP whitelisted.
fuckwit_mcbumcrumble@lemmy.world 1 year ago
Ever since I moved to a ridiculously high port I haven’t had any access attempts on my server. 6952 won’t do shit, but if you’re between 40000 and 65000 you probably won’t get anything.
dandroid@dandroid.app 1 year ago
Can they see what you are hosting on that port, though? Like say I want to open ssh to my server from the internet (I wouldn’t do this, btw, and I don’t recommend anyone does), but I don’t want to open it on port 22 because that’s too obvious. Are there bots that just try every protocol until they find one that your server responds to? Or is there a way to dig up information on what is being exposed behind that port?
tburkhol@lemmy.world 1 year ago
nmap will try. nmap.org/book/man-version-detection.html