Submitted 18 hours ago by paequ2@lemmy.today to selfhosted@lemmy.world
As I rely more on my home lab server, I’m starting to worry more about it getting stolen. If someone breaks into my home, I think the server will be a pretty attractive target.
Do y’all just stick it in a closet? That seems not great for cooling…
May as well just rig the house to burst into flames
I bought my power supplies off temu. One way or another, someone is getting hurt.
That’s reserved for if they make it past the first three levels of security. EASY and pals are #2.
Server equipment is not on any normal burglar’s list of items to nab. It’s such a low risk I think it’s completely not worth worrying about.
It’s incredibly unlikely they’ll know what they’re looking at in the first place, and won’t be assed to carry out heavy switches and PC gear “just in case” to look it up later. They want to get in, check rooms and closets, drawers, etc and GTFO before you come home or a neighbor notices. Computers aren’t as expensive as they used to be. Gaming laptops might look attractive, but other than that you’re fine.
They want jewelry, cash, guns, good tools, silver, modern game consoles, expensive bicycles, etc. These are all things that are easy to carry and pawn or sell well on the street. Nobody is selling switch gear at a pawn shop or to random people, so even if they know the value of what they’re looking at (extremely unlikely) they’ll leave it because it’s too hard to fence.
If you’re that worried about theft then set up good full disk encryption and have off-site backups of your data (should do that anyways) but you don’t need to worry about physical security at home, at least not specifically in regards to your home lab.
Businesses are at much higher risk for hardware theft, from employees or from others that are targeting the locations specifically because they DO understand the value and have a way to offload the gear, but those same people won’t be randomly breaking into people’s houses hoping they’ve got Cisco gear in a closet somewhere.
Install a floppy drive. No one gonna steal a computer with one of those.
I doubt that a server would be an attractive target for common thieves. It’s heavy, bulky and not immediately clear how well it would resell and how valuable it actually is. So yeah… Just have plenty of other more stealable things lying around I guess 😄
I guess it’s a unique situation for everyone. My TV is huge, heavy, and requires at least 2 people (I used 3 people) to carefully move it out. Laptops are easy and fast to take. I don’t think one would stop there though. I don’t have gold n cash laying around like some other Lemmy users here, lol.
I’m not sure if I have anything else that’s valuable. No tablets. Not much tools. Uh. What else do people have that is sellable?
My home server is a smallish ITX box. I could see some idiot thinking computers -> gaming -> expensive -> money.
Considering I stole most my stuff from work it would be fair if someone else nicked my setup.
A confession in here is worth total forgiveness.
I’ll phone your boss and clear it for you…
No need to worry about thieves. They mostly don’t even steal laptops of TVs. It’s just not worth the work and the risk.
Yes need to worry about floods or your house burning down. That’s the real way to lose a home server.
Thankfully, I don’t think there’s ever been a flood where I live. House burning down is way more likely. But, break-ins do happen in my town. Actually, what prompted me to think about this was that my neighbor recently had their house broken into.
I don’t.
If you’re stupid enough to carry out my stuff, good luck getting anything for it.
Mine is in the utility room, which is in the basement. There’s no way in or out of the basement except for the stairway from the living room on the main floor.
That room is where all of the CAT5 and coax cables from each room terminate (demarcation point?), and where the furnace and water heater live.
By living in the middle of fucking nowhere. I haven’t locked my front door in over a year.
Backup and encryption. encryption prevents the thief to see my data, backup allows me to make a new server. Furthermore, as other pointed out, I don’t expect that a common thief will see a lot of value in a small black box on top of a shelf
Backup and encryption
Yeah, I guess this is the solution. Encryption I get. But where do you backup to? I currently have about 4TB of data and was thinking of at least doubling capacity soon. How expensive is it to backup 8TB of data somewhere?
The really important things (essentially only photos) are backed up on a different USB drive and remotely on backblaze. Around one terabyte cost 2-3$ per month (you pay by operation, so it depends also by how frequently you trigger the backup). You want to search for “cold storage” which is the name for cloud storage unfrequently accessed (in other words, more storage than bandwidth). As a bonus, if you use rclone you can encrypt your data before sending it to the cloud.
I put a tiny NAS in my parents’ house (cheapest ARM synology 2-bay). It backs up their computers (a first, of course, but the photos are safe now!) and my server sends its TBs to there too. Upfront is large because you need to put in two big drives plus a lil NAS. But no $/mo, thanks parents.
For over a few TB Hetzner and the like really hit hard (€21/mo for 10TB at Hetzner storage box). Depends how much disposable income you have/want to ensure data is good. Now-a-days €21/mo is like 1 Disney/Hulu/bullshit, that price is obviously over inflated but it makes you feel less bad about spending it on cold, hard, remote backups of your big ass data.
how do you unlock the encrypted disks? is it manual, or did you automate it?
Dropbear. You can run a small SSH server in initd that allows you to SSH in and type the encryption password. It doesn’t run a shell, just cryptsetup.
One of the best uses of encryption is that you can pull drives that die and not have to try to wipe them as they die or smash them. They’re encrypted so it’s just gibberish. Mostly the reason to encrypt.
I auto-unlock with two things: a USB drive I put in the computer that it looks for and another computer on the network that hosts an unlock file. I’m not defending against nation-states or the Gestapo, regular rubes won’t notice the pi zero hidden that hosts the network file. USB drive is for just-in-case so I don’t have to type that long ass password ever.
I didn’t try hard, but I’m not sure how to make auto-unlocking more secure.
I have automated it with a small initramfs script which has half password and download the other half from internet. My threat model is to protect from a random thief. So they should connect it to a network similar to mine (same netmask and gateway) and boot it before I can remove the half key from internet.
some security which is on my TODO list is: allow fetching the half key only from my home IP and add some sort of alert for when it is fetched.
Linux with LUKS can be configured to decrypt at boot
Actually you got me thinkng about some of my pieces.
But overall i agree with most of the thread here. Properly rack it, and secure the rack. Then basic locking does the rest (secure a rack door with a lock).
Security cameras system help police catch theives.
Encryption on data you care about and off site back ups meqns rebuilding is just getting the hardware again.
For mini pcs and laptops they have those security cables to at least attach them to a heavier thing (desk, cabinet, etc). (this is the thing i hadn’t thought about).
Finding obsure places to hide my nodes is practical matter for me, because space is always a premium, so over sizing cooling solutions (liquid cooling to big radiators) and then finding wierd places to tuck them away (i mean why cant a computer rack be a night stand, the raspberry pi is clustered anyway why not stick in a lamp, the crawl space is actually always dry there and nice and cool to boot!, etc, etc). That probally adds some* factor to it.
The consumer stuff i have is a more likly target then the SOC or server stuff though. At least for me.
When was the last time you saw a headline: “Thieves steal home lab”?
How about “Thieves steal computers”?
I haven’t heard of that happening much outside of law enforcement raid.
Laptops, yeah. But stories of homes being broken into to steal servers?
Home… lab?
Dude, it’s just a computer.
Lol all I have is the remnants from my ship of theseused main rig chilling in a 3d printed enclosure running a single game server (sometimes) and I call that my homelab. Mostly because anyone I actually talk to in real life has no idea what the fuck I’m talking about anyway.
But I put it in a really expensive cabinet that I did not measure.
maybe they have switches and computers and whatnot, different units
Its big enough that they will have to break back in to move it with a friend. Its built shitty enough that it will fall apart if they lift it. Its next to an attractive and less effort to steal TV.
TVs and game consoles also have much better fence value.
Door lock and house alarm, also mines at the back of the garage with plenty of more easily stealable things in front of it.
…mines at the back of the garage…
Holy shit, you are serious about your physical security!
Easily defeated by those who play Minesweeper.
https://en.wikipedia.org/wiki/Mantrap_%28snare%29
Mantraps that use deadly force are illegal in the United States, and in notable tort law cases the trespasser has successfully sued the property owner for damages caused by the mantrap. There is also the possibility that such traps could endanger emergency service personnel such as firefighters who must forcefully enter such buildings during emergencies. As noted in the important American court case of Katko v. Briney, “the law has always placed a higher value upon human safety than upon mere rights of property”.[5]
It’s also kind of squished on some racking, and with it been a 4u rack case full of HDD it’s quite heavy. If you have made it this far in to the garage, you not only have done well but passed the beer collection and numerous cordless power tools. It also has a sign saying beware of the leopard.
Take this with a grain of salt but long ago someone broke into my house and at the time I was futzing with something so had the skin off of my tower and they did not touch it. I think they figured it was broke. Knew a guy who made a server closet with bare boards on wood shelves.
Same way you protect anything else valuable in your house - by locking the door and potentially installing (selfhosting) security cameras.
I always thought this was an argument for properly racking everything. If it takes more effort, more time to remove, maybe they won’t bother.
My understanding is that for most individuals, theft is mainly
I do have outside cameras but they’re not as useful as you’d think. Maybe they have some deterrent value but they’re not going to alert anyone fast enough unless they’re already in the house and you’re not going to identify anyone even if you catch a good shot of their face. If the do catch someone, perhaps the video is enough to say, yep
What are they gonna do with that?
Steal it.
Who is gonna buy that from them?
People on eBay who buy used computer parts, like me.
What can they buy with that?
Money can buy many peanuts.
Who’s gonna steal a loaded 90 disk enclosure xD
I got burglarized and they left a significant amount of cash in foreign currency that was sitting out in the open from a recent trip, because they had no idea what it was. Nobody is stealing rackmount equipment.
Go to the pawn shop and ask them how much they would pay for your server. I bet $20
I mean… I’ve been selling and buying used computer equipment on eBay for way more than $20…
Just put a big sticker on it signifying it has a tracker inside.
Even if they would want to steal it, it might just make them doubt enough to leave it be.
Someone who’s in the business of stealing computers would just stick it in a faraday bag. I guess for an entire server you’d need a sizeable cage though.
It would take hours to pull the servers from a mostly full full height rack. And then you’d get a bunch of heavy obsolete servers with zero resale value.
reminds me of the dude with a PDP 11 in his basement
Most vintage I have is a dual-socket 1U Sparc.
I have 9 security cameras on my driveway, house, and office out building and own a 12 ga. I’ve got it covered.
It’s valuable to you
I want to steal shit that I can move easily, and I’m going to avoid niche stuff with a limited number of buyers because I don’t want to use the same people repeatedly
I once put my homelab rack outside of my apartment, in the hall. Then used it to catch a bastard who kept stealing my bike light, and later tried to snatch the whole bike.
Mine is primarily a 4u server, in a rack. That’s screwed to the wall (for added stability).
They’d need a couple guys to unrack it. It’s in the garage I rarely ever lock, behind the cars which are more valuable and easier to steal. Behind the much more valuable tools.
Garage does get warm in the summer and cold enough in the winter the fans do funny things.
Anything important gets replicated to another location as well as backed up to a cloud bucket. So if it got stolen it would suck, but not the end of the world.
Encryption and offsite backups. If someone nicks it then they don’t get any private information. And with backups it’s easy enough to just push the data onto a new device.
Since the other comments seem to be less than useful ideas on things you didn’t ask about…
I keep my NAS/Video server for my home cameras in my gun safe. Costco has a gun safe (really can be used for anything like documents too since it’s fire rated) that had power cable running to the inside. I used the same path to run a data cable and keep it all locked up in there with a monitor mounted on top and a UPS in the middle. My safe is close to my room with the idea being if someone wanted to break in I’d keep the footage. Not that anyone would, but like you seem to be asking I’m more concerned about the what if.
The rest of the switches/routers/WAP Controller is located in my home office closet inside of one of those on-Q boxes in the wall.
That sounds like a great idea but how is the ventilation on that setup? Does it have ventilation for letting in cool air and exhausting the hot air?
It’s a smaller unit for my camera setup and it’s in a cooler area. When I open the safe up it’s basically the same temp. So I’m not worried about thermal performance. At least on that front. The camera system is just for home monitoring. The main components (what you mentioned being concerned about) stay hidden too behind the closet wall in my office and the wall is an interior wall so thermally they stay pretty smooth.
If the (theoretical) burglar finds a gun safe and it is even locked properly, I would think it looks quite attractive :)
That’s why it’s bolted to a concrete slab from the inside.
I live 40km away from the nearest civilization, in the middle of Swedish wilderness. No neighbors and biggest bear population in europe in the woods. So I feel safe :)
I plan on rack mounting things on the second floor, but normally someone running in and ransacking a place isn’t going to bother with a server, especially if it’s loaded down with hard drives. Heck, my NAS is in a desktop case and I hate even having to turn it around 😹
downhomechunk@midwest.social 6 hours ago
I build from ewaste and keep things deliciously trashy looking.
Image
paequ2@lemmy.today 5 hours ago
Security by trashcurity, brilliant!