Server is ethernet connected on LAN, means exposed to the internet?

You may have an Internet connection, but you are almost certainly behind a NAT router, not directly connected to the Internet.  Normally, that NAT router is the only machine that faces the Internet, has a direct connection, and is under constant attack by numerous bots roaming the IP’s of the Internet. 

You only have a local IP for your local network.  Only the router has your true IP that is seen on the Internet.  When your browser or NTP service (or other Internet need you may have) needs to see something on the Internet, it makes a connection to an Internet server, and your router notes that connection and allows that server to respond, using the associated ports of your connection.  The router will route those responses back to your machine, and not any other. 

The outside bots and servers cannot attack or connect to your machine, because they can’t even see it, and they don’t know your local IP.  The only contact that outside machines can have with your machine is strictly through connections your machine initiates first, through your router.

Now if you *did* want to put your server directly on the Internet, most routers have a setting where they can put any machine into a ‘DMZ’, a special unprotected zone, which means the Internet is directly connected to any machine you choose!  And the router won’t block any Internet traffic then, but allow all of it to come through to you. 

I would strongly advise you to first disconnect ALL of your drives, and backup your boot drive, because you will be very rapidly attacked!  Never use the DMZ unless you have a lot of security experience!

FavoriteLoadingAdd to favorites
Spread the love

Author: Shahzad Khan

Software developer / Architect