As the title says, I want to know the most paranoid security measures you’ve implemented in your homelab. I can think of SDN solutions with firewalls covering every interface, ACLs, locked-down/hardened OSes etc but not much beyond that. I’m wondering how deep this paranoia can go (and maybe even go down my own route too!).

Thanks!

  • Avid Amoeba@lemmy.ca
    link
    fedilink
    English
    arrow-up
    3
    ·
    11 months ago

    Or you could trigger automation that turns it off for hours, then turns it back on. That way you could get around the need to physically turn it on, in case everyone is away.

    • NuXCOM_90Percent@lemmy.zip
      link
      fedilink
      English
      arrow-up
      10
      ·
      11 months ago

      With my firewall disabled a lot of my internal network (including home assistant) will fall over sooner than later.

      But that is also a recipe for mass stress. Because I know “something happened”. And now I know “in six hours, I need to check in and make sure that ‘something’ is still not happening”. Which is extra shitty if I got the notification late evening local time.

      I have friends/neighbors that I trust to swing by and push a button in the event I need to bring it back up before I get home. But if I have reached the point of “it is possible my wireguard credentials were compromised?” then I really don’t need to be able to download the next episode of ATLA NOW.