What are the most paranoid network/OS security measures you've implemented in your homelab? - eviltoast

As the title says, I want to know the most paranoid security measures you’ve implemented in your homelab. I can think of SDN solutions with firewalls covering every interface, ACLs, locked-down/hardened OSes etc but not much beyond that. I’m wondering how deep this paranoia can go (and maybe even go down my own route too!).

Thanks!

  • MigratingtoLemmy@lemmy.worldOP
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    1
    ·
    9 months ago

    OpenWRT isn’t half bad for usual “router stuff”, but advanced usage is a bit hard to do. Of course, that doesn’t eliminate the problem since ARM can have plenty of backdoors too

    • Dehydrated@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      9 months ago

      I know, I tried OpenWRT on a Pi, but the experience wasn’t great (at least not as a home router).