rayjaymor85

joined 1 year ago
[–] rayjaymor85@alien.top 3 points 1 year ago

Port forwarding itself is not inherently dangerous; in much the same way that jumping out of a window is not inherently dangerous. But obviously it is risky.

If you know what you're doing and mitigate the risk, jumping out of a window onto say a soft landing or a ground floor window is not a problem.

Anyone hosting websites or services either at home or in a datacenter do it all the time.

The dangerous part is if someone can do with that forwarded port if the service it's attached to can be used to gain access to something else on the network.

Usually done by figuring out what you are running, and then exploiting a CVE to get in and then get access to the rest of your network that way.

So as an example I have a VM with Google Cloud that is running my website. If someone does manage to hack it, well, who cares - it's just a VM running that simple LAMP stack.

If I had that same website on my home network, and it can access my home NAS, well if it turns out there's a vulnerability I didn't account for then technically someone can take over that VM and hop into my NAS and do damage there.