Hey guys,
since several days I recognized more and more notifications on my UDM pro that there were attempts of ET EXPLOIT HackingTrio UA (Hello, World) from different country, mainly asians on port 8123. I just opened port 443 for Duckdns with port forwarding to my VM on port 8123. The attempts are getting more and more, is this something i should be concerned about? What do you guys recommend to avoid this? Or is this just some guys driving by with their port scanners?
The general rule is blocking all ports except the ones you need. My firewall lets me chose if i want to let communicate the internet with my devices or letting the internet only answer if my devices wants something over these ports. OFC i can block it also entirely.
Ive grouped my everyday devices like gaming pc, console and so on into a group with its own physical network and opened the ports, but restricted the access from the internet. My server has its own physical network with all outgoing ports blocked except 80, 443 and a few more needed for my setup to work. Also my wifi is an own seperate network, also no access to the rest of my setup, except 2 IP´s for my mobile and my laptop. And its access is also limited to the used ports.
ok, but it’s strange anyways in my case that 8123 isn’t open! just 443
