this post was submitted on 15 Oct 2023
21 points (100.0% liked)

homelab

6589 readers
1 users here now

founded 5 years ago
MODERATORS
CMonster@lemmy.ml
21
Best practice for outward facing services (lemmy.world)
submitted 2 years ago by root@lemmy.world to c/homelab@lemmy.ml
6 comments fedilink hide all child comments
 

I currently have several VLANS (management for network devices, iot for smart devices, infra for security cameras and NAS, one for personal devices, anothe for guests, etc.

Currently I'm hosting a game server which is exposed to the outside world and am thinking of adding a couple more similar services.

Is it best practice to put such machines on their own isolated VLAN to minimize their attack surface?

you are viewing a single comment's thread
view the rest of the comments
[–] Auli@lemmy.ca 4 points 2 years ago* (last edited 2 years ago)

Reverse Proxy as much as you can so you only have one port, I haven't found anything I haven't been able to even Plex, but haven't done a game server other then minecraft.

Whitelist Geoip location, use crowdsec

I haven't bothered with network segregation I used too but then revaluated and just realized it wasn't worth it for me.