proxmox
How secure your HomeLab has to be?
How secure your HomeLab has to be?
#secure #HomeLab
“Christian Lempa”
I’m randomly streaming about my Homelab Projects and other tech-related stuff. Jump in and let’s have some fun!
________________
π Support me and become a Fan!
β
π¬ Join our Community!
β
π Follow me…
source
To see the full content, share this page by clicking one of the buttons below |
I really enjoy your content Christian……would not worry about that from my side. You have your style and that is just fine. great work and great preparation is good enough….there is a time of working on it but also take your leisure time to relax. Resetting a person into another person is virtually impossible. You are who you are. Make a planning and stick to it always works for me. things for instance not on the planning add them and work on your initial planning. Sie sind wirklich wunderbar!!
Christian I've only recently stumbled onto your channel but it has helped me so much after a few hours of viewing. As someone new to home labs security has been my biggest concern especially with correctly setting up docker and addressing security. I dont think anyone has talked as indepth as you have about some of the critical aspects and for n00b this is invaluable. I'm excited to see the content in the coming months.
Thanks Christian for your effort, really helpful, BTW I don't trust anyone, but in you I totally trust π
Wish if you talk about "Rancher" & "Harvester" , I think they missed in your incredible channel π
Keep it ON
30:00 I strongly disagree. I had an ssh port on a non-standard port for about a year. Not a single attack was made on the server. The server was scanned and showed up on services like Shodan within days of moving the port.
This feels like a 'your milage may vary situation'. How motivated are people wanting to get into your server probably has a massive impact on your experience with moving ports
Christian, there are plenty of sales reps and product demos out there. They cover the basics, and all are the same. That's NOT to say that a sponsored video of something YOU are excited about is bad, for many of us it's the opposite. If you truly enjoy it, we may as well. Heck, I'm happy when you can make a bit of cash too.
Your videos on a topic that you personally are excited about is what keeps me coming back. When someone is pasisionate about something, the whole teaching experience becomes more enjoyable to the viewers. It also means you'll dive deeper which is very helpful.
I remember vividly an engineer that came in for Career Day at school, early like in the 4th grade. He said: "If you find a job doing something you love, you'll never like you're workiing".
That has stuck with me since.
Hi Christian, deeply need your help.. I contacted you on Instagram and TikTok please about connecting nexcloud to collabora code
Always good to watch your content Christian π
Don't let the bad comments of the few weigh down the love of the many
I have been watching soo much and even tho I love the content Im not used to comment – as the very most of your viewers π
Your videos are top quality and have helped me in a lot of projects. Especially since you are the only decent youtuber covering any Sophos products. I tell all of my tech friends about your channel!
Hey Christian thanks for your work.
I would realy love to see a video about hashicorp vault. Having same struggles as you setting it up and using it with docker compose and containers. But would definitly be a good security feature
I really have to tell you that your videos are really well produced ( maybe the best in your niche) and really usefull. I learn a lot from your videos! Thank you very much!
Hey! I really enjoy your videos, and I'm glad you're continuing to make them.
I have a security concern. I've been excited to make a server where I can host things like Immich and Jellyfin for myself, my siblings, and my parents. Since I'd be hosting for family, I would need to allow external access somehow. Still trying to figure out the safest way to so that. But I was planning to use Docker to host everything from Immich, Jellyfin, Authentik, Traefik, Dockge, etc.
Well, unfortunately, I've read that mounting the docker daemon socket is incredibly insecure. If you search for Quarkslab's Blog "Why is Exposing the Docker Socket a Really Bad Idea?", you can find an excellent write-up about how dangerous it is. And unfortunately, Traefik, Authentik, Dockge, Portainer, and many more, all require you to mount the docker socket. It seems like an extremely bad practice, and I don't think that using a socket proxy solves the issue.
Therefore, I'm starting to look for another solution besides docker where I don't have to do things like mount the docker socket. But I still want to host services for my family. Can you talk about this weird docker socket security issue? I can't really find recommendations about how to handle it other than "don't worry about it, you'll be fine"
I wish I could buy Sophos XG licence for home in normal price I don't want to spend 1000β¬ for gigabit licence:/
Security for me isnβt about running faster than the bear, it running faster than the other people running. You canβt be 100% secure, but you can make the return on the investment needed to hack your services so low that you arenβt worth the time. Hacking a homelab just isnβt that profitable for the hacker.
Hi Christian, life is hard and busy, so don't sweat it. I really like your content, while I don't get to put much into practice it is all very interesting. I like all the new apps you have introduced me to. I also like the hardware reviews, but it would be good to focus on the implementation of the hardware and how to use it in practice. I recently purchased a unify express, and it is good but would have liked an in-depth usage review, as it does have some shortcomings compared to the Sophos home Firewall I was using. Most review on youtude just list the features no one really covers the use case and real world usage of it.
Keep up the great work Iβm learning a lot from your videos
Thank you for creating and sharing your content!
Security is really an important and interesting topic.
Danke!
Many good points. On my personal list the most important security measures are least privilege principle and privilege separation.
Never surf on an admin account.
On windows I just create 2 accounts after installation, one admin and one unprivileged account.
the volume of ugreen makes me think its a shit product with how much they dumping into adverts, I like your content and your personality.
Hi. At 29:23 you say "some spelling mistakes"… well not quite. "administrador" is Portuguese or Spanish , "administrateur" its French, "escaner" and "usuario" its Spanish.
Christian, I really enjor your content and value your opinions. Keep up the good work! Just do what interests you. Thank you so much.
I applied so many of your suggestions that you gave on other videos. Thanks and please keep updating us.
Thank you, Christian! I can say at least for myself, but I think many would join me here – I like your content (although I'm not an IT-pro, it's more a hobby for me) a lot, even when not all videos fully resonate, but still, a big portion of my interest to your channel is your personality which to me plays a huge role when I watch anything; so, please keep going with this mission that many should value a lot
Doing YouTube is the hardest non paid job I have ever had. And even when I got monetized, its the lowest paid job I have ever had. Very few understand what it takes to make videos. Exhausting for sure, unrewarding, most of the time, but for me at least, I create because I love it and I like helping people. Please keep it up mate. You have helped me greatly! It's the curse of creators I think, I am back to just doing it because of the love of that need, creation, and fully ignoring analytics.
A lot of these self-hosting applications can be difficult to setup. Some of it you have to do research or configure it specifically for your setup.
Then taking all that work for your tutorial and creating it into content for youtube is just as much work.
Take a step back and re-evaluate things.
This content is great stuff and sometimes I haven't always been able to configure things following the guides but that is mostly my lack of knowledge or my setup is just different so it didn't work.
Nevertheless, these videos are really good and have helped me making things more secure and setting up services I like.