As the title says, I want to know the most paranoid security measures you’ve implemented in your homelab. I can think of SDN solutions with firewalls covering every interface, ACLs, locked-down/hardened OSes etc but not much beyond that. I’m wondering how deep this paranoia can go (and maybe even go down my own route too!).

Thanks!

  • Dehydrated@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    11 months ago
    • Custom Router/Firewall running OPNsense and the Sensei plugin
    • Extensive DNS filtering through Pihole
    • Redirecting all DNS requests to my Pihole through OPNsense
    • My entire network is behind a multi hop VPN
    • I don’t let any Windows systems connect to the internet, instead, I have a Linux server which is connected to the internet (through a VPN of course) and runs a browser, and I use X2go to access the browser which is running on the Linux server