Home services and security.

[xrapidx]

I run quite a few home automation services, download services, paradox alarm, etc from home - each exposed on a port, some with SSL some without... its all been good sailing so far - but I am worried about security.

All of these services are accessed by my cellphone/tablet/laptop - with my cellphone and tablet being the main user 98% of the time.

In terms of security, would it be a better idea to setup a VPN server at home, and have my phone constantly connected through that, instead of port forwarding on the router, to some unsecure devices?

 

[Genisys]

What you can do is, set up PFsense, or get a Mikrotik or Ubiquity router. Add home automation stuff to own DMZ, then set up a VPN server on the equipment, and let the VPN client only connect to the DMZ. Way better security.

 

[HavocXphere]

Been wondering about this too.

My Rpi is finally running & think I'll grab a fixed IP for my home connection. Throwing a bunch of exposed servers (FTP, Owncloud, VPN etc) on there seems a bit risky though.

 

[xrapidx]

In the interim I've setup OpenVPN (I saw the router has a server built in)