Guest - Testers are needed for the reworked CDateTime core component. See... https://forum.kodi.tv/showthread.php?tid=378981 (September 29) x
Is port forwarding safe?
sc1984
Junior Member
Posts: 41
#1
2021-01-10, 20:40
Hello,
 
   So, as the title states, is port forwarding safe? I have a windows 10 HTPC and would like to port forward so I can access my server from anywhere, but I am concerned about getting hacked. Are there some settings to make it secure? Or software? Or is there always a risk regardless? Thanks
Find
Reply
ciukacz
Senior Member
Posts: 133
#2
2021-01-10, 20:56
(2021-01-10, 20:40)sc1984 Wrote: Hello,
 
   So, as the title states, is port forwarding safe? I have a windows 10 HTPC and would like to port forward so I can access my server from anywhere, but I am concerned about getting hacked. Are there some settings to make it secure? Or software? Or is there always a risk regardless? Thanks

when you port forward say RDP 3389 then you essentially hope that RDP service is secure (and that applies to any service),
otherwise an attacker can gain access to a network through just 1 vulnerable service.
the thing is most services are not trustworthy enough to be accessible from WAN (public internet facing).

you should use a trustworthy service like a VPN or SSH tunnel (key based) as an intermediate to first access the network and then in the 2nd step access the less secure service like RDP.
you can setup VPN/SSH on some consumer/SOHO routers so that you don't need to run a server 24x7 for that.

edit: VPNs and SSH also had some security flaws in the past, but at least they are used in IT corporate environments (audited, tried and tested), whereas no sane company would make RDP public facing.
Find
Reply
scott967
Team-Kodi Member
Posts: 5,438
#3
2021-01-11, 02:12
(2021-01-10, 20:56)ciukacz Wrote: when you port forward say RDP 3389 then you essentially hope that RDP service is secure (and that applies to any service),
otherwise an attacker can gain access to a network through just 1 vulnerable service.
the thing is most services are not trustworthy enough to be accessible from WAN (public internet facing).

you should use a trustworthy service like a VPN or SSH tunnel (key based) as an intermediate to first access the network and then in the 2nd step access the less secure service like RDP.
you can setup VPN/SSH on some consumer/SOHO routers so that you don't need to run a server 24x7 for that.

edit: VPNs and SSH also had some security flaws in the past, but at least they are used in IT corporate environments (audited, tried and tested), whereas no sane company would make RDP public facing.

 Not a security guy, but if I wanted to access my media this is they way I would go.

scott s.
.
maintainer of skin  Aeon MQ5 mods for post-Gotham Kodi releases:
Matrix see: Aeon MQ5 Mod Matrix release thread
Nexus see: Aeon MQ5 Mod Nexus release thread
Omega see: Aeon MQ5 Mod Omega release thread

Aeon MQ 5 skin and addon repo 11.2.0
Find
Reply
Klojum
Lost connection
Posts: 14,208
#4
2021-01-11, 10:41
Moved this thread to the OS Independent forum section.
Find
Reply
Atreyu
Posting Freak
Posts: 2,011
#5
2021-01-12, 15:38
I dont forward any ports for security reasons.
See the explanation above for alternatives in case you really want to access services inside your network from outside.
Find
Reply

Home
Search
Help
Logout Mark Read Team Forum Stats Members Help
Is port forwarding safe?0