I once had a Senior Infrastructure Engineer looking at the logs of our public VPN host. A VPN host that is open to the world on 0.0.0.0/0 because that’s the requirement we had. This Engineer saw thousands of failed login attempts to the VPN; things like admin/admin admin/password1 etc. Regular internet crap, a bot will scrape the web page and try its luck then move on.

This person then decided to initiate security breach procedure and immediately shut down the VPN, because “we’d been hacked!”.

There’s a lot of noise on the internet. The challenge is working out the best way to isolate your resources just enough and block anything that doesn’t need access. This is why things like Web Application Firewalls exist.

Well, being able to change the name servers of a DDNS service would be very difficult unless they offer you the option to split the subdomain out.

If you’re going to be doing this for a while, why not just buy a super cheap domain on sale? You can pick some domains up for like $1 when registrars are doing sales.