I have a personal domain name. I got it because my first name was available with my country tld.

I use it for email, which I will most likely keep forever, but how about my self-hosted stuff?

I use Slack’s Nebula to access my self-hosted resources externally.

Would you mind exposing your VPS:es IP:s to the world by adding them as subdomains? In my case lighthouse1.myname.tld and lighthouse2.myname.tld?

I feel much more secure using DuckDNS for those IP:s as it should make it much harder to identify my attack surface.

Does it make sense or am I just paranoid?

I really don’t like the idea of my attack surface being easily identifiable just by my email or first name.

  • SajberspejsOPB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Yeah the IP:s are there for the world to see, but you won’t easily know they belong to me unless I point to them from my domain.

    I’m running a server at home without portforwarding. I connect to it using Nebula on VPS, which is like Tailscale without having to trust anyone.

    • tech2but1B
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Yeah the IP:s are there for the world to see, but you won’t easily know they belong to me unless I point to them from my domain.

      As has been pointed out though, it makes no difference and no-one cares. No-one is manually cross referencing IP’s and domains, and besides, what difference will it make anyway?

      I’ve heard this argument before with someone saying they use DDNS on all customer sites instead of static IPs as it’s “more secure” because there’s a website out there with exposed desktops listed on it.