Hello, I’m getting into self hosting and looking to setup a small home lab to play around with different technologies. I’m considering setting up a DMZ to keep my lab hardware separate from the rest of the network and other users. What is some of the minimal hardware required to do this on a small budget? Also what are some of the necessary security measures I should understand. One of my first projects would be to setup a small Linux box that I can ssh into remotely. Thanks.

EDIT After much reading today and great guidance from this community this is basically what i ended up doing… Got a dell optiplex on ebay for about 55 bucks and a dual intel network card on amazon with a managed switch. If i can bridge my current router as an access point, i should be on my way! This community rocks! Lemmy is awesome!

@[email protected]
link
fedilink
English
3
edit-2
2Y

It depends on what u wanna run, I use an old AMD A8-7600B, wich by today standards is less than a laptop cpu. But I run OpenMediaVault wich is just a NAS, so usually my cpu usage with 2 users at the same time is around %40-%60. I recommend u to use passmark as a reference, just tipe the cpu u have in mind + passmark and make thr comparison with mine so u can have an idea.

Manually set up the local IP of ur machine in the router/modem, then in the computer (so everything is failsafe), then configure the firewall (I recommended ufw) and only allow the ports that u need in the necessary protocol, nothing more. Also, to be script kiddos safe I recommend to change the ports of everything that u can, in this case SSH, I don’t remember the usual port, but change it to something like 666, 999, 6666, u get the idea, if we aren’t the same as every other server in existence we r gonna be safe most of the time, disable password login and use an rsa key.

@[email protected]
link
fedilink
English
12Y

And usually it isn’t necessary once u set up the machine as DMZ, but sometimes it doesn’t accepts the request so make sure u can access using ur celular data. Otherwise u’ll need to do some port forwarding, just do it plainly 443 to 443 and the like.

Create a post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

  • Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
  • No spam posting.
  • Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
  • Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
  • No trolling.

Resources:

> Any issues on the community? Report it using the report flag.

> Questions? DM the mods!

  • 1 user online
  • 218 users / day
  • 9 users / week
  • 244 users / month
  • 841 users / 6 months
  • 0 subscribers
  • 542 Posts
  • 8.93K Comments
  • Modlog