LinkBack URL
About LinkBacksSure, security through obscurity isn't great, but it all helps. Even the smallest of layers could be the thing that trips the attacker up.Originally Posted by peterb
PortKnocking is one of my favs of the security through obscurity approach
Sure, security through obscurity isn't great, but it all helps. Even the smallest of layers could be the thing that trips the attacker up.
PortKnocking is one of my favs of the security through obscurity approach
Oh yes, every little helps (TM)
One of the reasons I like SSH is that I can carry round a USB stick with a truecrypt container with the keys, Truecrypt application and putty, and I can access my server anywhere that has internet and usb, but leave no useable trace afterwards.
(\__/)
(='.'=)
(")_(")
Been helped or just 'Like' a post? Use the Thanks button!
My broadband speed - 750 Meganibbles/minute
So as far as OS wise goes does the following make sense...
Server 2008 on the machine directly with Hyper-V
WHS2011 on a virtual machine
Then I can add another virtual machine to do firewall duties right?
/brutal effective way to sort it
If you set your WHS BIOS to always reboot when power is cut and restored.....
set up a wall timer... plug it in.. set it to come on and off when you need it.. vary it a bit.. and then let it pul the power on your WHS regularly for a few weeks
I know it's a brutal anvil and hammer method... but simple facts are.. if you don't NEED it on all the time.. turn it OFF a lot
When I go on holiday, mine is left to come on and off at various times.. so if I need stuff off it.. I know the "window" for that day
not techy... but might stop the little buggers trying so often if it keeps crashing, and is not on for ages
Problem with this is approach is that Hyper-V doesn't support non-Windows guests (or at least didn't the last time I checked), so if you were planning to use pfSense or similar there's no guarantee it'd work. Also given the relatively low power of the Microserver you'd likely be better served with Server Core or even better Hyper-V Server (which would also handily cut your attack surface too)
Personally I'd look at vSphere - it'll run off a USB key installed to the internal port. Then run pfSense on a VM, with the WHS box on a seperate VM sat behind the firewall. The only problem is that the onboard RAID controller doesn't work with vSphere, and as such you'd be looking to do any RAID in software.
Are there any guides for doing something like that with vsphere? I am pretty over my head with things like this and don't want to mess it up
You've got me scared, and I haven't even set my WHS up yet!
Found this though, which looks good
http://www.homeserverland.com/securi...s-and-network/
finlay666 (28-07-2011)
TBH it's probably overkill, and a well setup router together with complex passwords will help. Might be worth locking down the WHS firewall (it has one, right?) to only accept connections from your LAN, as well as the single ip you've specified for your work address if that's feasible.Are there any guides for doing something like that with vsphere? I am pretty over my head with things like this and don't want to mess it up
If you really want to go the whole hog with either Hyper-V server or vSphere you'd need another machine with which to manage the hypervisor - install the management client on this. Then it's a case of installing the hypervisor (vSphere will install directly to USB, though your key must be minimum 2Gb whereas Hyper-V will require some hacking to install to USB and requires (iirc) a minimum 8Gb), put the hypervisor into your Microserver then boot.
Once the hypervisor is booted start the management client on your PC and connect to the IP address of the server, using the username and password specified during install. From here it'll probably make more sense to let me know which one you're using so I can either point you in the relevant direction for guides to setting up a VM or write one more tailored to your requirements.
As I say though, likely overkill.
I think I'm going to go down the route of installing it on the hard drive directly
Hyper-V does have some linux support, just not a lot
that said, I'd be tempted to go down the ESXi route as well , but thats mainly due to being a (mostly) VMware Junkie
my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net
WHS or the hypervisor? If the latter you should be aware that vSphere will take the entire disk
This is important.... dont be like this guy.
http://jfvi.co.uk/2011/04/28/sometim...stall-screens/
my Virtualisation Blog http://jfvi.co.uk Virtualisation Podcast http://vsoup.net
The Virtual hosting OS (either hyper-V or esxi/vsphere), Even if it was partitioned?
I'm not that fussed about Linux support unless I absolutely need it with regards to the firewall so may go down the Hyper-V route
I'm not sure how well your firewall of choice will perform under Hyper-V, but you can certainly give it a shot.
And yes, installing ESXi to a disk wipes out all partitions and repartitions using it's own schema. Shouldn't be an issue for Hyper-V.
Guess what has 2 thumbs and disabled the admin account before setting up login permissions on the new account before restarting the machine for a system update.... (completely locked myself out)
This guy
In the middle of copying all the files BACK off the partitioned drive so I can flatten it and start over tomorrow
Doh! Just use the windows disk to reset the admin password
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote
