superloopy1 Posted April 13, 2021 Share Posted April 13, 2021 Just thinking, i have little experience with networking and was wondering how secure my traffic is and whats the best way to start locking down my server. I see all of these discussions about nginx, letsencrypt, swag etc but what do these do security wise? If you've read this far, its obvious i have no idea of where to start with all of this. This thinking came about when i opened up plex remote access recently and i'm not that happy now that i'm thinking about it. None of my data is encrypted at all, should it be? It's just 'media' on the whole but there are one or two personal family bits, photos etc which i'd struggle to recreate if i ever got hacked and i'm reading that this is becoming more likely these days especially across unraid servers. But, its really my WHOLE server experience on the network side that i need to start learning about. What is best practice here? Even the smallest bit of advice will be taken .... as long as i understand what i'm doing, thats why encrypting my drives has always scared me away from doing it ... Quote Link to comment
JonathanM Posted April 13, 2021 Share Posted April 13, 2021 50 minutes ago, superloopy1 said: there are one or two personal family bits, photos etc which i'd struggle to recreate if i ever got hacked For now forget about increasing or evaluating security and GET THOSE THINGS BACKED UP. Once you have offline backup of items you can't afford to lose, then start dealing with the rest of this. Once you have a backup strategy in place, then you can start evaluating open ports and examining the security of each of the answering services. Of course all this assumes you haven't put your server in the DMZ or anything like that. 1 1 Quote Link to comment
Squid Posted April 14, 2021 Share Posted April 14, 2021 Should be noted that assuming that the only port you've forwarded to your server is 32400 for Plex, then you're safe and secure. As @jonathanm said, if you've put the server into a DMZ, or forwarded ports like 80 / 443 without using SWAG or OpenVPN or Unraid.net then you've opened up a big can of worms. Quote Link to comment
superloopy1 Posted April 14, 2021 Author Share Posted April 14, 2021 (edited) Thanks for the advice. No, none of that has happened so i'm good on those fronts. I DO have backups of the really personal stuff as well. But, wen i see people encrypting disks i wonder why if the data access is so secure then why bother? And, i read a lot of posts about problems following encryption. What benefits do you get from doing it and how risky is it to put in place.? SWAG, no idea what that is ... am i getting things confused? What should i be concentrating on now, i do have a full set of backups but do i really need disk encryption or network security tools? I do intend to start opening up for remote access into my machine though so am guessing the answer is yes ... Edited April 14, 2021 by superloopy1 Quote Link to comment
Vr2Io Posted April 14, 2021 Share Posted April 14, 2021 (edited) 5 hours ago, superloopy1 said: What benefits Encryption disk was use to prevent person can read disk content directly i.e. stolen / take away disks and not whole system. 5 hours ago, superloopy1 said: am i getting things confused? I think so, at least 3 aspect relate, (1) data redundancy (2) raw disk access (3) Network security. 5 hours ago, superloopy1 said: I do intend to start opening up for remote access into my machine Network security concern, you should audit your router, network and server setting. 15 hours ago, superloopy1 said: I see all of these discussions about nginx, letsencrypt, swag etc Those are different technic to enhance overall network security and multiple server service in a local network need different security. A well network design shouldn't only focus on internet, local embed device / PC / handset ..... also need take account. If Plex open access to Internet, you should open necessary TCP/IP port instead all ( DMZ ) at router side, also use stronger password, but those are basic requirement. Once you know more and more then you will identify all above not the end, nothing were perfect / enough. Edited April 14, 2021 by Vr2Io Quote Link to comment
superloopy1 Posted April 14, 2021 Author Share Posted April 14, 2021 Thanks all. I'm going to give a few things a try using a couple of spaceinvaderone's vids. I'll be back soon ... no doubt. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.