As the title says, I want to know the most paranoid security measures you’ve implemented in your homelab. I can think of SDN solutions with firewalls covering every interface, ACLs, locked-down/hardened OSes etc but not much beyond that. I’m wondering how deep this paranoia can go (and maybe even go down my own route too!).


  • Kata1yst
    182 months ago

    Really all I do is setup fail2ban on my very few external services, and then put all other access behind wireguard.

    Logs are clean, I’m happy.