this post was submitted on 23 Nov 2023
6 points (100.0% liked)
Homelab
371 readers
9 users here now
Rules
- Be Civil.
- Post about your homelab, discussion of your homelab, questions you may have, or general discussion about transition your skill from the homelab to the workplace.
- No memes or potato images.
- We love detailed homelab builds, especially network diagrams!
- Report any posts that you feel should be brought to our attention.
- Please no shitposting or blogspam.
- No Referral Linking.
- Keep piracy discussion off of this community
founded 11 months ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Here’s the way I think of it. Imagine you live in a house at the end of a long street. Your front door is the login page to your Synology. All the measures you’ve put in place (cloudlfare, ip blocklists, firewall) are the equivalent of putting up a guard booth/gate at the end of your driveway that only allows cars with a license plate of a specific state.
You haven’t made yourself significantly more secure, just lined the traffic up in a more organized fashion. You are still trusting the people that made your door lock to not be vulnerable.
Yes, it’s easier to access vs having a big metal gate that only you have the code to open (VPN) in front of your house. But why open yourself up to a single point of failure?
Here’s just one recent example of an attacker being able to bypass the authentication on a synology. All the things you have implemented wouldn’t prevent a single person in the internet from using this exploit. https://www.zerodayinitiative.com/advisories/ZDI-23-660/