ervwalter@alien.topBtoHomelab@selfhosted.forum•Can someone please explain to me, a casual home user, why it's dangerous to expose my NAS login page to the internet?...English
2·
1 year agoAll software has bugs. Sometimes bugs let you do things you weren’t intended to be able to do (e.g. access data on a NAS without knowing the login password). Your NAS might have a bug that hasn’t been discovered (or publicized yet) or hasn’t been fixed yet.
If you put your NAS on the internet, you give “bad guys” am opportunity to exploit those bugs to get your data or to use your NAS as a jumping off spot to attack other things inside your home network.
The point of purchasing a registered domain name and connecting it to a public DNS server is to make it findable from any Internet location. If you only ever want to use the domain name internally, you don’t need to have a public domain name and you can make up your own internal domain name that is served by your local DNS. To avoid future conflicts with public domains, I’d probably use a TLD that doesn’t exist (e.g. not .com or the like).