Duckdns vs tailscale : security

I don’t think is a a difference in terms of security. One method might look little safer at first glance as it doesn’t require port forwarding but if you create a public certificate your domain becomes public due to certificate transparency and everybody knows there is a service hosted on this address… more or less no difference the attacker scans your IP and discovers the service - depending on POV first method might seem even easier - you get the DNS name for free…

security doesn’t benefit from hidden knowledge - “security by obscurity” doesn’t work - it benefits from up-to-date software, good passwords and Multi Factor Authentication

mfa security

1 Like