frontpage.

Port forwarding is often the fastest way to access an internal service — a database, admin panel, or metrics endpoint.

But in many setups, that means opening a public port and relying on firewall rules or IP restrictions for safety. Those rules tend to accumulate over time.

I’ve been looking at how modern “brokered” port forwarding models work. Instead of exposing a service publicly, they rely on outbound-only connections and create identity-scoped tunnels that exist only for the duration of a session.

No persistent inbound ports. No long-lived firewall exceptions.

I wrote a breakdown here, focusing on mechanics rather than product pitch:

https://www.lynxtrac.com/secure-port-forwarding-without-exposing-services

Curious how others here handle temporary service access in cloud environments.

It Isn't the Tool, but the Hands – A Response to "Something Big Is Happening"

Dbt-Workbench, an open-source UI for working with dbt projects

Show HN: PolyMCP – A framework for building and orchestrating MCP agents

Dao Heart 3.11 Identity Preserving Value Evolution for Frontier AI Systems

Backboard.io Becomes First AI Platform to Lead Both Major Memory Benchmarks

Show HN: An automaton's code review of Gas Town with sycophancy-mode disabled

'RageCheck' Points Out Manipulative Language in News Articles

Ask HN: Hacker News Fixed Width for Widescreen Monitors" Userstyle?

Extend Trust Across the Software Supply Chain with Red Hat Trusted Libraries

CIA, Pentagon reviewed secret 'Havana syndrome' device in Norway, WaPo reports

I Analyzed 227M Rows of Medicaid Data. Here's a Sample of What I Found in Maine

AI: A Bridge Toward Diverse Intelligence

How to Write Mathematical Papers by Bruce C. Berndt [pdf]

Curosr: Expanding our long-running agents research preview

Show HN: Cappu – ADHD'er take on a different task manager

PlantNet; Identify, explore and share your observations of wild plants

Jeffrey Epstein spent years building ties to well-known hackers: Politico

Show HN: Logbooks, notebook computing for coding agents

Wazir Drop: a tournament winning board game AI engine

Siri, Alexa, ChatGPT, and OpenClaw: What's Different?

PicoClaw: Ultra-Efficient AI Assistant in Go

War Atlas: Mapping 3,500 Years of Conflict

You can't trust the internet anymore

Juggling Information Service

The Dragnet Era of Home Security Cameras

Building an End-to-End Developer Salary Prediction App

So Bright the Vision by Simak (1956)

Gemini 3 Deep Think drew me a good SVG of a pelican riding a bicycle

Show HN: Tori Terminal-native Docker monitoring with alerting in a single binary

TSA agents are working without pay at US airports due to another shutdown

Secure Port Forwarding Without Exposing Internal Services