Noob questions about firewalls/security
-
Setup my pfsense a few weeks ago and it's been running like a champ. I'm running OpenVPN on it over port 443 and I'm wondering what (if any) threats am I opening myself up to by doing so? I see from the firewall logs that my perimeter is periodically probed on that port (among others). Unfortunately, I lack sufficient knowledge to know whether or not I should be concerned about this (experience level: "tinkerer").
I would assume that any unauthorized attempt to connect on 443 would fail because "nothing" is there to respond unless you have a client cert. Thoughts? And while we're at it can anyone recommend a good primer for learning more about this kind of stuff (ports, protocols, services & network hardening in general)?
Feel free to explain this like you would to a child.
Thanks.
-
Generally best to not use standard ports unless you have an absolute need to. If you're using cer based auth, then the only real issue you need to be concerned about is an security flaws in the VPN protocol, like the whole HeartBleed issue.