• 3 Posts
  • 12 Comments
Joined 1Y ago
cake
Cake day: Jun 11, 2023
help-circle
rss
Can someone explain to me why NAT is not enough for security?
Networking noob here. I want to prevent all incoming requests except through a specific port, and that traffic is forwarded to a specific device on the network. NAT seems to do that just fine, it's almost like a kind of firewall by itself. What kind of threats are there that requires more than just NAT for security?
fedilink
20
Can someone explain to me why NAT is not enough for security?
fedilink
@nodsocket@lemmy.worldtoSelfhosted@lemmy.worldDoes anyone else harvest the magnets and platters from old drives as a monument to selfhosting history?
link
fedilink
English
79M

In a distant post-apocalyptic future, the survivors will use hard drive platters as a currency.

link
fedilink
@nodsocket@lemmy.worldtoSelfhosted@lemmy.worldhow to access nextcloud outside LAN?
link
fedilink
English
310M

If you want to be very secure, host a VPN and don’t open any ports besides the VPN port. Then access anything as though you’re on LAN.

link
fedilink
@nodsocket@lemmy.worldtoSelfhosted@lemmy.worldWhat should I use my RPi4 for?
link
fedilink
English
210M

Use it to make a webcam server. You could probably afford to plug in multiple webcams since it has USB 3. Great for checking on the home when you’re away.

link
fedilink
@nodsocket@lemmy.worldtoSelfhosted@lemmy.worldWhat should I use my RPi4 for?
link
fedilink
English
1
edit-2
10M

Make it into a router and access point. Connect your phone to the AP and use tcpdump to capture packets from your phone for a few minutes. Look through the packets with Wireshark and see how much data is being leaked.

link
fedilink
@nodsocket@lemmy.worldtoProgrammer Humor@lemmy.mlthe "good" parts
link
fedilink
181Y

The only thing you need to know is goto statements

link
fedilink
Do you use all your self hosted services? Are there any you found to be not worth it after installing?
I've always been conservative about what kind of services I host because it takes time to get them set up. For example, there's no reason for me to set up music streaming when I only ever listen to music on my phone and all my music files are already on my phone. On the other hand, it's a good learning opportunity to set stuff up and have to fix it when it breaks. What do you think?
fedilink
0
Do you use all your self hosted services? Are there any you found to be not worth it after installing?
fedilink
@nodsocket@lemmy.world
creator
toTechnology@beehaw.orgEmail is the oldest Federated service.
link
fedilink
English
01Y

Adopting a consistent way to do it that everyone agrees on is the hardest part. PGP works but you have to make it easy and integrate it with all the top email providers so that most people are using it without even noticing.

link
fedilink
@nodsocket@lemmy.world
creator
toTechnology@beehaw.orgEmail is the oldest Federated service.
link
fedilink
English
01Y

Absolutely. Now we’re stuck using a protocol that has zero encryption because decades ago no one thought about that. All our private correspondence is readable by every ISP and government it passes. If only we could make an email 2.0…

link
fedilink
Email is the oldest Federated service.
I was struggling to wrap my head around how federated social media works until I realized that email has basically been doing the same thing for 30 years. Different email servers are like instances of a federated network. You can send emails to people from within a single server or you can send emails to people on any other mail server. Your email address is a username followed by an '@' and the server address, just like on Lemmy. Email is a decentralized service I've been using the whole time!
fedilink
2
Email is the oldest Federated service.
fedilink