I use a Synology NAS at home that is not accessed from the world network. Of course, the device has indicated attempts to hack it.
Synology has two perfect features against attacks:
1 - Blocking in the firewall by geolocation (I left access only from the Czech Republic and the USA)
2 - configurable autoblock (blacklist) of IP address from which several login errors occurred in a defined time … with configurable expiration (attacks are reported by email). There is also a user whitelist.
3 - recommended to change the standard admin account “admin” to another name
The combination of the above features stopped all attacks.
================
Why am I writing this … I would really like to have such features in OS Turris
I don’t know if you read my post properly. It would be a solution where they don’t need a VPN. Illegal attempts from around the world are limited to 2 domains - I have setup that one wrong login attempt will block access from the IP address.
The resulting reality is that the Synology log records nothing instead of hundreds of attempts recently - zero.
I am not dependent on a limited mobile provider, for I can choose any device in the allowed domain´.
It’s a different solution for a different requirement. Technically for developers there is no tricky
you could also try to use a secure tunnel exposed to a port - i was playing a bit with this service - but it wasnt very fast. https://pinggy.io/
Every time you start it you get a random url and port where the service runs