• 0 Posts
  • 33 Comments
Joined 2 years ago
cake
Cake day: June 18th, 2023

help-circle



  • Encrypting the connection is good, it means that no one should be able capture the data and read it - but my concern is more about the holes in the network boundary you have to create to establish the connection.

    My point of view is, that’s not something you want happening automatically, unless you manually configured it to do that yourself and you know exactly how it works, what it connects to and how it authenticates (and preferably have some kind of inbound/outbound traffic monitoring for that connection).


  • NaibofTabr@infosec.pubtoSelfhosted@lemmy.worldSyncthing alternatives
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    1 month ago

    Ah, just one question - is your current Syncthing use internal to your home network, or does it sync remotely?

    Because if you’re just having your mobile devices sync files when they get on your home wifi, it’s reasonably safe for that to be fire-and-forget, but if you’re syncing from public networks into private that really should require some more specific configuration and active control.


  • NaibofTabr@infosec.pubtoSelfhosted@lemmy.worldWhat do I actually need?
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    4
    ·
    2 months ago

    My main reasons are sailing the high seas

    If this is the goal, then you need to concern yourself with your network first and the computer/server second. You need as much operational control over your home network as you can manage, you need to put this traffic in a separate tunnel from all of your normal network traffic and have it pop up on the public network from a different location. You need to own the modem that links you to your provider’s network, and the router that is the entry/exit point for your network. You need to segregate the thing doing the sailing on its own network segment that doesn’t have direct access to any of your other devices. You can not use the combo modem/router gateway device provided by your ISP. You need to plan your internal network intentionally and understand how, when, and why each device transmits on the network. You should understand your firewall configuration (on your network boundary, not on your PC). You should also get PiHole up and running and start dropping unwanted inbound and outbound traffic.

    OpSec first.



  • Have you installed a Linux operating system before?

    The hardware swap is not difficult, but you do have to reinstall the OS on the new drive, so if you’re not already familiar with that process it may be a hurdle. The good news is there shouldn’t be any important data on it, so if you do have a problem you can just wipe it and start over.

    I bought the original largest model, and in less than 6 months decided I wanted more than the 512GB. I wish I had saved the $200 and bought the cheapest model. There’s no other appreciable difference.






  • Is there any possibility of mounting some threaded inserts inside the body and running some screws through the panel?

    When you’re using the mouse and resting your hand on it, you’re going to be putting a lot of pressure at random angles on it. As you move your hand around the plastic will flex and twist - any semipermanent bond is going to work loose pretty quickly. Also if it’s gummy or sticky it will pick up dust and crud. Fasteners would be better.






  • Beyond your eventual technical solution, keep this in mind: untested backups don’t exist.

    I recommend reading some documentation about industry-leading solutions like Veeam… you won’t be able to reproduce all of the enterprise-level functionality, at least not without spending a lot of money, but you can try to reproduce the basic practices of good backup systems.

    Whatever system you implement, draft a testing plan. A simpler backup solution that you can test and validate will be worth more than something complex and highly detailed.