I see a lot of people here uses some form of remote access tool (VPN/Tailscale) to access their home network when not at home. I can’t really do this because my phone (iOS) can only activate one VPN profile at a time, and I often need this for other stuff....
Expose a VPN endpoint on non standard port and keep everything else internal if you can. If you want things to be even nicer create a seperate vlan for your internal services or just firewall rules from your VPN to the needed ports on your services.
If you are even more paranoid send an email notification everytime the VPN server has a new connection or keep a default account/password on your services with 0 permissions and monitor when some dumbass logs in with it. Little scripting and you can automatically kill the connection when your VPN has been compromised. You can also disable the exposed VPN whenever you are detected “home”. You can go crazy with the ideas if you have too much free time on your hands!
Is it considered bad practice to expose selfhosted services on public internet?
I see a lot of people here uses some form of remote access tool (VPN/Tailscale) to access their home network when not at home. I can’t really do this because my phone (iOS) can only activate one VPN profile at a time, and I often need this for other stuff....
DNA computing breakthrough: bio-compatible computers in sight. DNA crystal engineering makes logic gates possible, which could lead to DNA-based computers and biosensors. (innovationorigins.com)
Findings were published here: onlinelibrary.wiley.com/doi/abs/…/adma.202302345