As the title says, I want to know the most paranoid security measures you’ve implemented in your homelab. I can think of SDN solutions with firewalls covering every interface, ACLs, locked-down/hardened OSes etc but not much beyond that. I’m wondering how deep this paranoia can go (and maybe even go down my own route too!).
Thanks!
Really all I do is setup fail2ban on my very few external services, and then put all other access behind wireguard.
Logs are clean, I’m happy.
Standard and well-tested setup. Thanks for your reply!