@pganssle Hello Paul, good evening and welcome to Qoto.

Seems no one replied to you and gave you the welcome we try to post to all new users; until now, that it is.

I wouldn't consider that you are worrying too much - taking a risk when it's not essential is not a good thing, there are a lot of bad actors out there, including state agents. Lock it down and keep it private is the best, imo.

I wouldn't think it's an exaggeration or an undue scare. I had a linux firewall for years on my home network, before the commercial routers started to become any good and secure.

I used SmoothWall, running on a spare older computer, and it had a lot of nice features and controls.

Have been using commercial routers for the past few years, most of the time with custom firmware - Tomato is the one I use.

Enjoy your stay, post any topics you are interested in for discussion. Reminds me I should go and take a look how the Smoothwall project is doing nowadays! 😄

@pganssle it sounds like you are operating with responsible network health and hygiene IMO. The only way your STD comparison works though, is if sex involved thousands or millions of people all copulating together in some kind of open-free-webscale-orgy. To me STD risk is exponentially lower than the network breach risk, but the infection is also much nastier and less desirable. 😆

@pganssle it really depends on your threat model and budget.

Are you protecting your systems and data from random, tailored, mass or state-sponsored attacks? And how much time are you willing to invest on maintaining the system (patching etc)?

For example, if you are concerned about state-level attacks and have little time for sysadmin, just put it online as you *will* get compromised :)

On the other hand, if you are mostly concerned about worms and random attacks and have no budget for security, just keep it LAN only.