4

I have my own website and I created a subdomain that points to my home IP address. It is useful for personal things like entering my domain for wake-on-lan and letting my friends enter it to join multiplayer games I host from time to time. But is pointing a subdomain to my home safe?

Keavon
  • 286
  • 1
  • 11

2 Answers2

5

The real risk is having incoming access to your home network at all. The fact that it is accessible through DNS does not significantly add to the risk. The "bad guys" find open ports through port scanning, not through lookups by name. Edited to add: Unless you are a high-profile target. If your domain is something like, um, Target.com or HomeDepot.com then you may be singled out.

What is extremely important is that you know exactly which ports are open and have taken steps to be sure they're used only in ways that you intend.

Bob Brown
  • 5,283
  • 1
  • 19
  • 28
2

Pointing a sub-domain to your home IP is reasonably safe. Consider that even if you have no domain name set up for your IP, it's being scanned constantly by worms, bots, etc. They generally scan for well-known ports, but the scanning is generally consistent anywhere on the internet. The typical caveats apply i.e. only open what you absolutely have to, make sure the internet facing systems are patched regularly, and if possible make changes to harden the configuration of the service(s) facing the internet.

I could perhaps provide more details but I'm not sure what exactly you mean by entering your domain. If you provide more details on that I could provide more specific information for you.

theterribletrivium
  • 2,679
  • 17
  • 18
  • By entering my domain, I just mean that I (or my friends) write my domain as opposed to my numerical IP to connect to my wake-on-lan or game server. – Keavon Sep 24 '14 at 00:06
  • Given what you've described, adding the sub-domain just makes things easier for you. Just be sure to patch your Wake-on-LAN and game server as often as you can and use strong passwords that you rotate occasionally and you should be reasonably safe. – theterribletrivium Sep 24 '14 at 00:49
  • The game server's port usually stays open but it is very rarely running. If it's not running, vulnerabilities won't be able to be exploited, but so is it safe (as long as I don't just that logic to open hundreds of ports)? – Keavon Sep 24 '14 at 02:28
  • Yes, if nothing is listening on the port then it can't be exploited. The only time it would be vulnerable is when the game is running and listening to network traffic. – theterribletrivium Sep 24 '14 at 02:56