Safety on HTB

0xalivecow · March 26, 2020, 8:20pm

My post revolves around rule number 6.

6 Dont use your production PC to connect to HTB Network
We strongly recommend not to use your production PC to connect to the >HTB Network. Build a VM or physical system just for this purpose. HTB >Network is filled with security enthusiasts that have the skills and toolsets >to hack systems and no matter how hard we try to secure you, we are likely >to fail We do not hold any responsibility for any damage, theft or loss of >personal data although in such event, we will cooperate fully with the >authorities.

There have been posts discussing what precautions you can take, however I would like to know:

How likely is the event of beeing hacked by another member

The reason I am asking this is because HTB is also made for beginners, not only professionals. Beginners, like me, may not know how risky HTB may be.
Also I find it wierd that, if something like this can happen, HTB provides so few information. Wouldn’t the possibillity of a hack through HTB be a major threat that shoul be warned about more, not only in rule number 6?

nxzsn · March 26, 2020, 8:56pm

If you’re quiet, noone hacks you. Use this platform for the purpose it serves. A couple of the reasons why noone hacks you:

It takes time
Your openvpn IP is dynamic, plus it’s not easy to reveal your address unless you want someone to.

Of course, simply using a virtual machine would be much simpler than just stopping all exploitable services running on your machine (mysql, apache, nginx). A hacker that can get your system through HTB network might also be skilled enough to do the same through VM. But we are talking about personal computers and laptops - anyways, who’d like their system to be hacked?

Being wise is what really matters here, not how secure the platform is.