price's recent activity

  1. Comment on What’s your preferred work monitor setup? in ~comp

    price
    Link Parent
    I have a 40 inch ultra wide 5k2k and it’s the best setup I have had yet. Prior setups have included: 34 inch 1440p ultrawide and 27 inch mounted vertically 43 inch 4k monitor 3x 25 inch 1440p monitors

    I have a 40 inch ultra wide 5k2k and it’s the best setup I have had yet. Prior setups have included:

    • 34 inch 1440p ultrawide and 27 inch mounted vertically
    • 43 inch 4k monitor
    • 3x 25 inch 1440p monitors
    3 votes

  2. Comment on I need a sanity check from security experts (opening ports on the router) in ~tech

    price
    Link
    Sort of, pretty much by opening those ports you are allowing a hacker who knows your ip address and the port that is open an opportunity to test the security of that application exposed on that...

    Sort of, pretty much by opening those ports you are allowing a hacker who knows your ip address and the port that is open an opportunity to test the security of that application exposed on that port. IP addresses are always scanned for common ports. Less common ports are also scanned just at a slightly lower frequency. After scanning for ports, any discovered ports are then attempted to be exploited for very common vulnerabilities. If your application doesn’t have these vulnerabilities you are likely fine.

    In direct answer to your question:

    1. You give them a chance to compromise your machine if there is a known exploit. Uncommon if you are using a widely used and frequently patched software but possible. If they compromise your raspberry pi they can theoretically move across your other devices with known exploits.

    2. You can segment that device on its own network and only allow traffic to come in to those ports and don’t allow anything to leave on other ports. This is kind of like a DMZ, but less secure.

    3. If you want to be extra secure you should front your application with a well known application that is patched often for known exploits such as nginx. You are right to be paranoid if you don’t know the answer to these questions.

    The absolute best solution here is to use a vpn and don’t open ports. This sounds like what you are doing and should continue to do. If you are using a vpn don’t open any ports because you don’t need to.

    Most bad actors out there are just using common exploits that have scripts built to exploit them. If you don’t have these vulnerabilities then you are probably ok for the most part.

    9 votes