Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

cron

@cron@feddit.de

This profile is from a federated server and may be incomplete. Browse more on the original instance.

Can someone explain to me why NAT is not enough for security?

Networking noob here. I want to prevent all incoming requests except through a specific port, and that traffic is forwarded to a specific device on the network. NAT seems to do that just fine, it's almost like a kind of firewall by itself. What kind of threats are there that requires more than just NAT for security?

cron ,

This is true and typically called "Next Generation Firewall" or "Intrusion Prevention System".

However, these have three disadvantages:

  • They rely on signatures and many vendors only provide these with an active, costly subscription
  • They add complexity and possible error sources and false positives.
  • They require processing power and can easily reduce throughput by 90%.

These systems are quite common in enterprise scenarios, but AFAIK the exception in home labs and selfhosting environments.

cron ,

Something like Guacamole could be a nice fit. Additionally, you need a virtual PC to connect to, Guacamole is just the proxy.

cron ,

https://join-lemmy.org/instances says that there are 41k monthly active users.

cron ,

Vaultwarden could be a good start. Everyone needs a good password manager, and setting up one at home is pretty easy.

You don't even need to expose it to the internet, you can start with a local installation (with some limitations).

cron ,

Setting up a reverse proxy with nginx proxy manager is pretty simple and comes with letsencrypt support.

For letsencrypt to work, a software needs to write a confirmation code to a special path in your domain. When letsencrypt verifies that you can write to this path (and therefore control the domain), you get the certificate.

cron ,

true, and caddy works very well with docker compose setups.

cron ,

This article was already posted here two days ago: https://lemmy.ml/post/10719915

Docker Container Status Displays on Public Website

I have a home server with tech illiterate users (Tailscale/VPN won’t be a solution for them), and I’ve been setting up a little blog to keep them updated about content and status. I had an idea of setting up a server status page that displayed the running state of various docker containers so they could easily see if...

cron ,

I'm using Uptime Kuma myself can't recommend it enough for simple use cases like this!

cron ,

It has some amazing caching, but that doesn't mean a backup is not necessary or recommended.

cron ,

After widening was completed in 2008, a portion of the highway west of Houston is now also believed to be the widest in the world, at 26 lanes when including feeders. - (Wikipedia)

WTF

cron ,

one more lane train rail

cron ,

An old railway running along the north side of the freeway was demolished in 2002 in preparation for construction which began in 2004.

Form the wiki article linked above

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • incremental_games
  • meta
  • All magazines
    •