0
As someone with rather limited knowledge about network security, I would like to know: Is it «safe» to run (1) a MySQL server, (2) some docker containers with arbitrary services and (3) an apache or nginx as reverse DNS, in a standard home LAN, and expose them to the internet? My network setup is quite simple: one router, connects to the internet, all devices in the house directly connect to that router. I can use port forwarding and DDNS to let any device in the LAN become a server. There is currently no DMZ configured and I’m not using a physical firewall.
Is it safe to forward ports like 80 to devices in such a LAN, or should I even refrain from registering the router’s public IP at a DDNS? In other words: Can the described setup (1) make the devices vulnerable, to which ports are forwarded (malware injection, data theft, …) or even (2) make other devices on the LAN vulnerable, that don’t have anything to do with the servers?
Of course, this is not a production environment. I just often work on multiple projects at once, which I want to reach from outside my house, and I don’t want to pay large amounts of money for AWS, GCP, etc. So, I wanted to have servers for MySQL, Mongo, Neo4J, etc. always up and running, and also deploy some of my web apps for personal demo and testing purposes.