I have a VPS that I secure as much as possible since the IP is public, but does a wireguard-access-only homelab warrant the same efforts? Those with homelabs like this, what do you do?

  • surewhynotlem@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    3 hours ago

    Assume a security researcher finds a bug in wireguard that, if sent a malformed packet, it can crash the service. Then it would be trivialy easy to send that packet to the default port on every IP address and just crash everything for fun.

    It costs me nothing to increment the port by 1 and avoid all that drama.