thelittleblackbird

@thelittleblackbird@lemmy.world

This is a remote user, information on this page may be incomplete. View original ↗

⁨Comment⁩ on ⁨Internal network monitoring⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
My setup is “simple” and all these monitoring functions are performed in my opnsense box with the telegram plugin.

Most of the alerts are pretty basic and are done into the FW level or the outbound basic logging. So opnsense with the basic tooling is just enough.

I have in my todo to connect the logging system from opnsense to a proper Prometheus/grafana system to really have proper log of several days without having an impact on the FW but I never find the time to do it (lazyness problem)
⁨Comment⁩ on ⁨Internal network monitoring⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Segment the network as much as feasible, forbid the communication between the segments via FW rules, and set an alert when those rules are triggered.

For example: your dmz should never initiate any type of communication with your lan segment, your lan segment should not try to access services outside ports 80/443, your dns should log all resolutions performed and it would be nice to have at least a black list.

None of them should have dns over tls, and for specific hosts and networks segments, new domains with very looong active but idle connections should trigger an alert.

My personal opinion is that for a homelab is not realistic to perform a dpi to check that there is not an active attack ongoing, neither from the raw processing power, either from the human effort side, your best chance is to alert when something unusual is happening and then adjust your rules of the are false positives
⁨Comment⁩ on ⁨Backing up across machines with low free space?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Then nothing to say, good luck with your setup :)
⁨Comment⁩ on ⁨Backing up across machines with low free space?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Certainly it is a good way to go, but in my experience try the usual work flow, it is way more stable and the cpu burden is share between both nodes -> faster backups
⁨Comment⁩ on ⁨Backing up across machines with low free space?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Borgbackup is all you need, you even don’t need to allocate the space in your A machine…
⁨Comment⁩ on ⁨Self-hosting paradox: Windows for specifically MS word⁩ ⁨⁨4⁩ ⁨months⁩ ago⁩:
Kasm, you only need kasm.

It is a docker engine with the streaming already incorporates. Try that.

It is true that it relies in wine, so perhaps you will need to experiment a bit and pin down a specific wine version. But if I recall correctly I saw an old version of ms office running in wine
⁨Comment⁩ on ⁨ISO Project Ideas For Wyse 3040 & 5010 Thin Clients⁩ ⁨⁨7⁩ ⁨months⁩ ago⁩:
This could be funny if you have a d event computer, specially for od games

games-on-whales.github.io