As my home network grows, I’ve been trying to tighten down the security and separate devices/VMs/containers into vlans and hide them behind reverse proxies and security gateways.

That being said, I would love to hear what approaches folks use to pen test their self hosted environments to find any holes/leaks.

  • Old Fart@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    You could also look at not making anything available publicly and using something like tailscale to get access to your services.

  • SheeEttin@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Generally, I don’t.

    But you can run nessus for free, and have shodan scan you externally. If you’re running AD, you can run bloodhound and pingcastle as well.