Just from what I've read (and it hasn't been much), SSB wouldn't even need a port open on the web facing device, since it's technically a LAN protocol. Now once you want to go to a pub, the user from inside the network is initiating the connection to the pub, and that connection is trusted.
I believe Holochain would need a port open/forwarded on the web facing device, meaning anyone with that IP can attempt to initiate a connection from outside. This has potential to be bad.
I could be wrong about how holo works, but from my brief overview I think it's correct....
I would say it's not a good idea in general, however I haven't looked into holochain. Opening a port on a firewall is never something I would like to do, especially if you have a large group of people that may know your web facing IP (I'm not sure if this is the case with holochain). UPnP has a bunch of security flaws in of itself, let alone what people may have on the inside of the network.
- Opening a port that ANYONE can start probing and looking for flaws, is inherently not a good idea.
- I've seen people run flash upnp commands remotely, to a firewall, and execute code.
- UPNP has no built in authentication, not sure if holochain addresses this.
People are the biggest security flaw of all, and them not knowing what connections they are initiating from inside the network to the outside world is scary.
I personally wouldn't do it....
Wireshark will show you the network packets, but a lot of the time you won't get the info you're looking for.
I think the best way to check out that sort of data is logging what the router/firewall is doing. I have a Cisco ASA 5500 and I watch the NAT statements all the time to see what it's doing. Debugging the firewall can add up, so set it up to do a syslogd dump to a server. Digging through its access list statements and NAT statements helps as well.
Had a thought. If people were open about it and accepted it, we could pool and mine for coins to help support?
You think somebody could do this?
<script src="https://authedmine.com/lib/simple-ui.min.js" async></script>
style="width: 256px; height: 310px"
Show whole feed