As the title says, I want to know the most paranoid security measures you’ve implemented in your homelab. I can think of SDN solutions with firewalls covering every interface, ACLs, locked-down/hardened OSes etc but not much beyond that. I’m wondering how deep this paranoia can go (and maybe even go down my own route too!).

Thanks!

    • RedFox
      link
      fedilink
      English
      611 months ago

      Also laughing because that’s how some companies get owned, IP stolen, etc.

      There has to be balance, if your life using their system sucks so hard you can’t do your job or meet production marks, you get creative.

      My industry has to prioritize security over productivity. It’s almost impossible to get work done.

        • RedFox
          link
          fedilink
          English
          211 months ago

          Your working environment sounds gross :)

          IT is hard. Finding good IT people is harder in my opinion. Working for a company that is not super squared away with good security and great usability sucks. At least you found some work arounds and are trying to do it well.

    • RedFox
      link
      fedilink
      English
      111 months ago

      Ha yeah.

      Id say the same for trellix.

      You should try doing things with installs or updating apps when the edr product blocks write access to all temp locations. You have to do an exclusion for every installer, signing cert, or turn it off to install programs.