I'm trying to determine if having a port forward on my NAT gateway to an unused IP address exposes me to any security risks. Obviously if a device ends up at the IP address then there is a potential for intrusion from the internet, but are there any way that a port forward can be exploited if the destination IP is not used?
Is there anyway (short of a vunerability in the NAT gateway) that an un-used port forward like this could present an opening to an attacker?
For context, I currently run an Open VPN server with associated port forward to allow me remote access to my home network. I'm trying to setup a system to remote bootstrap the VPN in the case where the VPN server has shutdown. I can setup my router to regularly send a wake-on-LAN packet to reboot the services if it shuts down. The main challenge being that I need someway to remotely enter the disk encryption password to allow my server to boot.
So I'm considering using dropbear in initramfs to exposes an SSH server on a normally unused IP address that I can log into specifically to decrypt the disk.
For this to work, I'd have to open a port forward to the SSH server. This setup would mean that during this reboot an attacker could potentially access the SSH server, but would it present any security risk when the VPN server is up and running (on a different IP) so that the forward goes to an unused IP?
