Security 101 (General Tips & Tricks about Passwords/Accounts/Security)
Passwords (use a different password for each thing; use a password manager like Bitwarden that syncs across all your devices; rotate/change passwords every X months if you can; 2FA where possible; SSH keys or certificate-based authentication where possible)
Accounts (always disable and/or change the password for generic/default accounts on machines, like Admin/Admin, Cisco, etc.; e.g. I don't enable the root account to SSH into my boxes by default, use su or sudo for that)
Backups (not directly, but perhaps indirectly, connected to this topic of security): have a backup strategy (RAID does not replace, nor serve as a replacement for, backups). Remember: hard drives (normal or solid state) will eventually fail, it is just a matter of when. Back up to another disk, to cloud, to tape (tapes are cheap but tape drives are expensive, even secondhand; depending on the amount of data you need to back up periodically, with full or incremental backups, tape might come cheaper than building out a second NAS or purchasing HDDs to be able to "back up" data from source1)
Security when it comes to Self-hosted / On-Premise vs. Cloud (hosted by a 3rd party), such as my Bitwarden password management instance: what I self-host and own is always safer than 3rd party solutions, which can raise the fees from one year to another and say ... if you choose to opt out then you won't access your "password vault" anymore, e.g. Dashlane / LastPass / Keeper / etc. –> You do not own your own data; they have free tiers today, but what about tomorrow? What about your vault's security, with all your passwords in the hands of a 3rd party?
Physical Security (what's valuable and precious is best kept locked away), or at least make it harder to get physical access (e.g. my servers and switches are in the 42U rack with the door locked with a key, and the servers have their faceplates locked with a key; these are not much and can be opened with a clip or screwdriver, but they might discourage accidental troublemakers such as kids and cats)
Updates (keep machines up to date when possible; patch published vulnerabilities): most hacks and malicious attacks use vulnerabilities that have been known but unpatched for X time, and bet on lazy sysadmins
Extra steps/mentions/repeats (to mention here: YubiKeys, drive encryption, 2FA again, STRONG PASSWORDS, disable or change default passwords on devices and appliances)
Home Server ISP options: Can I run a server from my own home? If not, what alternatives do I have available? Is it worth it? Should I use my ISP-provided modem or perhaps replace it with a 3rd party solution?
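For the SSH points in the Passwords and Accounts items above (keys instead of passwords, no direct root login), here is a small audit of an sshd_config, added as an example and not part of the original show notes. The sample config, the names `parse` and `audit`, and the wanted values are assumptions of the example; it relies on OpenSSH's documented rule that the first value read for a keyword is the one used.

```python
# Added example (not from the show notes): audit sshd_config text for
# direct root login and password logins.
# Assumptions: the OpenSSH defaults below; for a global keyword the first value wins.
DEFAULTS = {"permitrootlogin": "prohibit-password", "passwordauthentication": "yes"}
WANTED = {"permitrootlogin": "no", "passwordauthentication": "no"}

# Constructed sample config, not taken from a real host.
SAMPLE = """\
Port 22
PermitRootLogin yes
PasswordAuthentication no
# A later duplicate does not help: sshd keeps the first value it read.
PermitRootLogin no
Match Address 192.0.2.0/24
    PasswordAuthentication yes
"""

def parse(text):
    """Return (global settings, [(match condition, keyword, value), ...])."""
    settings, overrides, match = {}, [], None
    for raw in text.splitlines():
        parts = raw.strip().split()
        if not parts or parts[0].startswith("#"):
            continue                              # blank line or full-line comment
        key, args = parts[0].lower(), parts[1:]   # keywords are case-insensitive
        if key == "match":
            match = " ".join(args)                # applies until the next Match line
        elif key in WANTED and args:
            value = args[0].lower()
            if match is not None:
                overrides.append((match, key, value))
            else:
                settings.setdefault(key, value)   # first value wins
    return settings, overrides

def audit(text):
    """List every place where root login or password login stays possible."""
    settings, overrides = parse(text)
    findings = []
    for key, wanted in WANTED.items():
        value = settings.get(key, DEFAULTS[key])  # unset keyword: default applies
        if value != wanted:
            findings.append(f"global: {key} {value}")
    for match, key, value in overrides:
        if value != WANTED[key]:
            findings.append(f"Match {match}: {key} {value}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

On a live host, `sshd -T` prints the effective configuration, including files pulled in with Include, which this example does not follow.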
I will use the first 15-20 minutes to give my two cents about the above and then I will open the phone lines for comments / opinions / debate from the audience.
If there are no callers then I will just continue discussing some parts of these in more detail.
Voicemail and a calling queue are configured on the DID|VOIP|SIP line. During the show, calls are placed in a queue if the line is busy, and when the show is offline calls go to voicemail, so feel free to leave your comments and ideas that way if you prefer.
Links about running your own server on your home internet connection:
DigitalOcean VPS (Virtual Private Servers): run your own services, such as a VPN (Virtual Private Network), for as little as 5$ a month (for example Outline VPN, a free open source product made by Jigsaw)
Recordings of the show can be found in the Anonradio Archives or any of the major podcast platforms.
Live show broadcast and recorded 6pm – 6:30pm UTC every Saturday at Anonradio.net
DID VOIP line open during the show: +1 910 665 9191 SIP: firstname.lastname@example.org
Shownotes for Episode 00
I would like to take this as a pre-flight checklist, to talk about everything a little bit in general but not too much in detail just yet.
To draw the landscape of What, When, Where, How...
What is The Server Room when it comes to me? I could have called it a Homelab, as I refer to it many times when I need to describe where I spend most of my time and on what...
What do I do for a living? (for all those who have not opened any of those links at the top of this page)
A quick rundown of Hardware I own as of 09/11/2019
General topics I'm normally interested in and bothered enough to investigate and learn more about:
1. Computer Hardware (not the electronics though): anything and everything from new to old, I love to look at them, try them, run them, own them. Switches, Servers, Workstations, Thin Clients, Monitors, Terminal Emulators, Printers, Keyboards, Firewalls, UPS ... If you can plug it in, I'm probably interested
2. Operating Systems (from DOS, BSD, Unix, Linux to Mac OS X, Windows, AIX, HP-UX, IBM z/OS and IBM Power Architecture, Solaris ... any and every)
3. Virtualization and Emulation (ESXi, Proxmox, QEMU, KVM, Stromasys CHARON commercial Alpha, VAX, PDP, Sun emulator software)
4. Network: Switches, Routers, Firewalls, Load Balancers, Cloud (Azure, AWS, Oracle, Google), SDN (Software Defined Networks)
5. Enterprise Solutions: things like SCCM or others (Altiris), OSD (Operating System Deployment), Centralized Backup Solutions (Veeam Backup Suite and QUADStor Virtual Tape Library, both available free for homelabbers)
I'm sure there is more but this is how much came to mind for now...
What could this show become? Could it be more interactive? Have call-ins on a DID VOIP number? Should it have accompanying multimedia content (screen recordings/screencasts of things I do or talk about while making clicky noises with the keyboard, including errors and mistakes)?