6th February 2012
jggimi

Welcome to the Internet.

Consider if the Internet were the real world -- your IP address would be your home address. You would want to keep your doors and windows locked, and only let in people you knew, and greeted at the door yourself.

Consider what happens when you set up a service that awaits incoming activity -- you unlock your door. In this case you have a service that will respond to anyone who "knocks" at two doors on your front porch: the two marked TCP port 80 and TCP port 443.

Your experience is typical of anyone who ever opens a service on the Internet, intentionally, or unintentionally. There are script kiddies and other bad actors who set up computers to do nothing other than scan blocks of subnets by the millions -- knocking on every door -- and hoping for positive responses, and then subject those responding systems to further attack.

Your NAT router is not described. If your router is OpenBSD, PF gives you a lot of options to control access to your services, including limiting or eliminating many forms of attack, and adding attacker IP addresses to blocking tables automatically. If your NAT router is a turnkey SOHO device, you are limited to whatever that device may offer, which might be no more than NAT alone as your sole protection from the vagaries of the Internet.

You mention that you have opened "domain" services -- so you are perhaps running or plan to run a DNS server open to the Internet from this platform as well, though that doesn't make much sense to me if your Internet address is dynamic.
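The kind of PF control the post refers to (limiting connection abuse and adding offending addresses to a blocking table automatically), sketched as a pf.conf fragment. This is an added example, not part of jggimi's post; the interface names, the internal server address, the table name and the thresholds are all assumptions to adapt.

```conf
# Assumed values: adjust to the actual router and web server.
ext_if     = "em0"            # Internet-facing interface (assumption)
int_if     = "em1"            # LAN-facing interface (assumption)
web_server = "192.168.1.10"   # internal host serving TCP 80/443 (assumption)

# Table that PF fills by itself when a source exceeds the limits below.
table <abusers> persist

set skip on lo

# NAT for outbound LAN traffic.
match out on $ext_if inet from $int_if:network nat-to ($ext_if)

# Sources already in the table are dropped before any other rule is evaluated.
block in quick on $ext_if from <abusers>

# Default: nothing unsolicited comes in from the Internet.
block in log on $ext_if
pass out

# The two open "doors": TCP 80 and 443, redirected to the internal server.
# max-src-conn      - simultaneous connections allowed per source address
# max-src-conn-rate - new connections per source: 15 within 5 seconds
# overload          - sources exceeding either limit are added to <abusers>
# flush global      - existing states from that source are dropped as well
pass in on $ext_if inet proto tcp to ($ext_if) port { 80 443 } \
    rdr-to $web_server \
    keep state (max-src-conn 100, max-src-conn-rate 15/5, \
                overload <abusers> flush global)

# Maintenance, run from the shell or cron:
#   pfctl -t abusers -T show           list blocked addresses
#   pfctl -t abusers -T expire 86400   drop entries older than one day
```

Set the thresholds above what legitimate clients generate, since a browser opening several parallel connections through a shared NAT address counts as one source.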