I sometimes think I'm overly worried about exposing services on my home network to the internet. I've had #syncthing configured to be LAN-only since I installed it, and the only service I run on the open internet is the VPN so I can get access to my system remotely.
Have I been fooled by the internet equivalent of health class scare tactics where any sort of sexual activity = instant STDs and pregnancy?
@pganssle it really depends on your threat model and budget.
Are you protecting your systems and data from random, tailored, mass or state-sponsored attacks? And how much time are you willing to invest on maintaining the system (patching etc)?
For example, if you are concerned about state-level attacks and have little time for sysadmin, just put it online as you *will* get compromised :)
On the other hand, if you are mostly concerned about worms and random attacks and have no budget for security, just keep it LAN only.
