As the title says, I want to know the most paranoid security measures you’ve implemented in your homelab. I can think of SDN solutions with firewalls covering every interface, ACLs, locked-down/hardened OSes etc but not much beyond that. I’m wondering how deep this paranoia can go (and maybe even go down my own route too!).

Thanks!

  • MigratingtoLemmy@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    11 months ago

    The problem is, you’d expect your switch to mirror all traffic, including what it is generating (switches with web servers, baseband/backdoors like every big manufacturer), but you can never really be sure.