![]() ![]() Of course there are other reasons to not have an OctoPrint instance available on the public internet, such as sensitive data theft, but catastrophic failure is by far the worst case scenario here. All one would have to do, is flash a new, malicious firmware with no safeguards, over USB, and then tell the printer to keep heating, leading to catastrophic failure. So as soon as the box hosting OctoPrint is comprimised, there go any failsafes built into the firmware. Most printers can have their firmware flashed over USB. If some hacker somewhere wanted to do some damage, they could. OctoPrint is connected to a printer, complete with motors and heaters. Let’s think about this for a moment, or two, or even three. Putting OctoPrint onto the public internet is a terrible idea, and I really can’t emphasize that enough. We as a community have to get the right information to new and/or uninformed users, to prevent a catastrophy from happening. This is a critical issue that needs to be discussed. There are safer ways to access your instance remotely than blind port forwarding. While it is possible that a percentage of the instances found are unintentionally exposed, the vast majority is very likely users who have gone out of their way to expose OctoPrint to the public internet for the sake of convenience. The ISC (Internet Storm Center) recently published an article about OctoPrint instances exposed to the public internet. ![]() What if you want to be able to do this when you’re not on your local network? You could just forward ports on your router, use a DDNS service, and you’re good to go, right? … wrong. ![]() From within the realm of your local network, you have a ton of power at your finger tips. Being able to start a print remotely is incredibly handy. So, you’ve got your shiny new printer, and just installed OctoPrint, great! Being able to remotely monitor your print is a fantastic ability. To sound like a broken record - please head this warning and invest the time that properly securing internal services This blog post will no longer be updated, please refer to the list.Ī guest post by Jubaleth on a topic that is very dear to my heart and on which I’m starting To your options when it comes to plugins that enable cloud or messenger based remote access to OctoPrint, without directlyĮxposing your instance on the public internet.Ī special curated list of Remote Access related plugin has been created on the official plugin repository for your convenience: Many things have changed since then, especially with regards This blog post was written in September 2018. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |