Network security

Backgroud: I am doing an IOT with my room AC, it works fine on LAN(local area wifi). Now, I want to take it to the next level, that is contr it remotely, over the internet. I have gathered the following

Option 1: use a cloud service. Requires alot of work. Not interested. Option 2: use DMZ router method. This takes a little time to setup but present a cyber security threat.

Question: what exactly is the security threat if use option 2 with my esp8266 device? What if someone find my ip for the said device, what can they do with it?

Thanks.

Question: what exactly is the security threat if use option 2 with my esp8266 device? What if someone find my ip for the said device, what can they do with it?

Depending on the sketch you will be running, they can switch your AC, they may event overheat it which may even lead to a fire (worst case). Usually you would put a server into the DMZ (may be a Raspberry Pi or similar) which is the only device exposed to the Internet. All IoT stuff ist just communicating with that server and the server is the only device accessible from the Internet. That way you have a single device that must be always up-to-date with the latest software updates and it will be the only device that needs a security audit.

pylon: Depending on the sketch you will be running, they can switch your AC, they may event overheat it which may even lead to a fire (worst case). Usually you would put a server into the DMZ (may be a Raspberry Pi or similar) which is the only device exposed to the Internet. All IoT stuff ist just communicating with that server and the server is the only device accessible from the Internet. That way you have a single device that must be always up-to-date with the latest software updates and it will be the only device that needs a security audit.

He's cross-posted at http://forum.arduino.cc/index.php?topic=547144.msg3729669#msg3729669