How secure it is to open home router to public?

1

First of all I hope this is the right place to ask the question. If it is not, feel free to close this.

My housemate proposed to open our home router to outside world. He is the process of learning for his Windows Certification and would like to set a sample company that serves as his server that he can access it anywhere. By doing this he hopes that he can get a hands-on experience of what real server is and how it is setup. He is thinking to open bi-directional traffic for port 80, 443, 22 and 53.

He mentions that by doing the things above, he will be able to access his server anywhere and he doesn't have to be stuck at home to learn for his certification. There is nothing to worry about according to him because everything will be still secure.

The question that I am asking here, is there really no risk opening our home network to the public? That doesn't sound right to me. I am just asking for your opinion about this situation. I only have basic understanding of how to set up a home network and this is beyond of what I understand. Thanks!

Kyodb

Posted 2014-09-22T19:06:42.243

Reputation: 11

3Its not secure. – Ramhound – 2014-09-22T19:14:58.940

"Is there really no risk to opening our home network to the public?" It depends what you have connected to the network, and whether those devices are dependent on the router for protection rather than protecting themselves. – Robin Hood – 2014-09-22T19:49:16.540

Answers

2

He will learn shortly that opening windows in a house does not make it more secure, but quite the opposite.

What he should do is try to get a separate Internet connection, dedicated for that server. Leave open the few ports he needs, but have it completely segregated from the main network you both share. This is if money is not object.

What you can also do is buy a second router. The first one can have the ports opened, and pointing to the server. Then, off one of the LAN ports, connect your main router's WAN connection. Connect the rest of your computers to this second router, so it still has some protection.

Port 80 and 53 get abused a lot if you're not careful. Port 22 is for SSH access, traditionally for administering Linux servers. 443 will be HTTPS, and require him to setup certificates for websites.

There will be more risk otherwise, as you are opening yourself up to more points of entry. Yes, you can guard them, but until you know better, it's just an open window. Period.

Canadian Luke

Posted 2014-09-22T19:06:42.243

Reputation: 22 162

4Another option which is free. Setup OpenVPN forward a single port, or if the router supports it, have the router be the openvpn server. A vpn solution would be secure. – Ramhound – 2014-09-22T19:19:21.893

+1 I'd add the use of virtual machines. Spin up some VMs, set up roles, set up portforwarding, and you won't have to sacrifice your host machine or your entire network's security. – happy_soil – 2014-09-22T21:48:04.003

Asked: 2014-09-22T19:06:42.243

Viewed: 99 times

Active: 2014-09-24T22:58:52.567