Comment on Suggestions for Improving Linux Server Security: Beyond User Permissions and Groups?
just_another_person@lemmy.world 5 months ago
There are entire books dating back to the 80’s that go into this, that are still fairly valid to this day.
If you want to take things further at your own risk, look into how to use TPM and Secure Boot to your advantage. It’s tricky, but worth a delve. For network security, you’re only going to be as effective as the attack hitting you, and self-hosting is not where you want to get tested. Cloudflare is a fine and cheap solution for that.
matcha_addict@lemy.lol 5 months ago
What’s the issue with VLAN?
possiblylinux127@lemmy.zip 5 months ago
If you set it up incorrectly you can perform an attack called vlan hoping.
You also need to setup Firewall rules to properly isolate zones
just_another_person@lemmy.world 5 months ago
VLANs are for organizing traffic, not authorization of traffic.
possiblylinux127@lemmy.zip 5 months ago
Only if you don’t set it up correctly. You should set which devices are allowed to set which vlans and then make sure client devices aren’t authorized to send or receive tagged packets.
You then combine that with a firewall only needed traffic allowed.