Put your external facing services behind the VPN, or at least put them in a separate VLAN that’s firewalled in such a way that they can’t reach the rest of the network if they become compromised.
Put your external facing services behind the VPN, or at least put them in a separate VLAN that’s firewalled in such a way that they can’t reach the rest of the network if they become compromised.
S920
I’m running this as my router. It handles a 500/500mbit connection over WireGuard for me without a problem. CPU usage can spike up to 80% when I push it as much as I can, so depending on how it scales I’m not 100% sure how it would handle 1gbit routing+vpn for example.
Make sure mDNS is working properly in your network.
Same! Which version do you use? Small or big?
You probably need to enable some power saving features that Windows does by default but Linux may not. Run something like https://wiki.archlinux.org/title/TLP just to see if it helps, and then do some tuning because it might be too aggressive.
Backup your data regularly and the risk should be very small.
It’s a good way to see if someone has cracked your WiFi password for example so why not. Doesn’t add much security but better than nothing.
ClamAV is an anti-virus software that you would run on end-devices to scan files, an intrusion detection scans network traffic to detect anything potentially malicious. I don’t know your exact router model but I suspect it’s way too weak to run intrusion detection. If you have a switch that’s capable of mirroring you could use that to utilize a more powerful machine to scan network traffic.
myaccounttag
Why did you add this part? And you’re supposed to add a @ before the channel name. Also, is your channel really called channel-1?
DuckDNS is great but their service went offline often enough for me to actually buy a domain.
TLDR; Store apples in the fridge
I would say there are better methods to solve this problem these days than a script. Check out Ansible or NixOS.