It does matters if you expose your IP.

That’s why tunnels like Cloudflare and AWS exists to serve your home services to the public without exposing your IP. https://www.kali.org/tools/routersploit/ is a tool for example to target routers, if bad hackers can make botnet to brute force your servers 24/7, they can implement other exploits and you better don’t take any mistake any day.

The only safe device is the one isolated from internet and others connections. If you really want to learn to have your own home lab, then learn it → https://tailscale.com/ and stop being lazy, there is no need to expose your IP, there is absolute no reason unless you are that lazy, but even you said you prefer paying a cheap VPS than messing with it.

Say it again, let’s keep this loop going, but work a bit more on your responses.

They can learn that all without exposing their IP. You don’t really get it, huh… good luck.

I’m getting a bit tired of your replies.

Basically you learn everything from start to finish. Maybe you could even setup a proper VM host using proxmox or something.

The cost of a server at home as you are saying is much more than hiring it online. The only difference is how you boot the BIOS to install the ISO burned into a USB. A hosting service would require you to do it different, and you will anyway learn it in this way, which could help you in the future to deploy some product ready or for your work. So there is no difference at all, and you also need to secure it.

So as expected it isn’t really risky as long as you take the appropriate security actions.

I don’t know if you really read it. It is saying that you can never expect when a new 0-day vulnerability comes out. Like: https://venafi.com/blog/ssh-vulnerability-allows-authentication-without-password/ → “attacker could successfully authenticate without any credentials”

A VPS doesn’t solve any security issues with your website itself.

Yeah, it solves that they only infect your server on a hosting provider and not your home where you have your phone, router, more devices where they can test more exploits to them. Also, your hosting provider normally also monitors for suspicious requests so if it is infected, your provider will inform you of suspicious activities.

You will learn much more with self hosting at home though. Which is arguably worth much more.

Much more? It’s the same… What’s the difference?

Why is it a risk?

https://security.stackexchange.com/questions/41983/what-risks-are-involved-in-exposing-our-home-computers-over-the-public-internet …

I’m of course referring to a real DMZ and not a DMZ host.

Maybe but why would it matter, especially enough to pay cloud bills?

Because we are talking home-made stuff, we didn’t talk about a real firewall or any infrastructure, and even doing that is much more expensive than the cheap VPS.

I have a cheap VPS for my website but that is just because I’m behind a CGNAT and I won’t bother to solve that.

Same, that’s why I am saying there is no need to expose your IP, unnecessary risks.

https://en.wikipedia.org/wiki/DMZ_(computing)#DMZ_host -> By definition, this is not a true DMZ (demilitarized zone), since the router alone does not separate the host from the internal network.

Home routers aren’t firewalls or something similar, they have some minimal logic that can act like a firewall, but they aren’t. There is no need to expose your IP, there are many alternatives to do stuff without exposing it.

Nice colors… good job.

I already have my own router, even if a web server is safer, you are still exposing your IP which is what I don’t want to do. DMZ doesn’t solve anything, is just worse than setting up a port forward as you are opening all the ports to the server at home, your server at home has access to all your network so once infected by any 0-day exploit, you are fucked up.

I just hire online servers and I have my own Ansible playbooks to manage those servers, this way I don’t provide my real IP (my home) to anyone.

Why are you saying that? I know it’s not a firewall, I’m just saying it doesn’t expose your router directly to internet, most of the routers also have firewall, and you can DMZ or port forward that you normally turn them on once you expose your router to public so bots or people can make direct requests to your router.

Yeah, I would do that before exposing my router to public and opening ports, but for the tunnel I would use something like WireGuard into a virtual network at my home just to improve security. I’m not a fan of Cloudflare.

I’ve run a small public web server for well over a decade and never had any issues with hackers.

It’s never late to get hacked or an attack or a problem with your ISP router firmware. I don’t think that’s an excuse.

receive backups from my other servers

You can simply do cronjob and scp user@server:/path/to/backup . to get things from server to your local network, I don’t see the need to expose your router to the public. For a web server, there are cheap VPS providers for less than 5 dollars a month, and you save up energy, hardware, and improve safety at home.

I am into tech/programming/devops, I make my own servers, but I would still prefer to be under CGNAT as I feel more safe. I wouldn’t open any port or tunnel to my local home network, I wouldn’t feel that safe. So for me, a CGNAT is perfect.

Dell XPS 13 with the “developer” label is also pretty nice so it’s all good, but check that it has the “developer” label, or it will be not designed to be compatible, if I’m not wrong, the main difference is the Wi-Fi adapter. Also, out of this topic, careful with the finance and credit card, it’s always a scam unless you really need it to work I wouldn’t spend money that I don’t have.

EDIT: About the compatibility, on this Reddit post, people are saying there is not really any difference https://www.reddit.com/r/Dell/comments/fjb9na/difference_between_the_standard_and_developer/, and I think the Wi-Fi adapter was only on the old versions (years ago when I bought mine). Haha… 😛

Woah, thanks!

Same, I would go to Arch (for me the best distro, it’s clean), and if you want something easier just Linux Mint.

EDIT: I would forget about PopOS, really think this distro suck.

Yeah, I knew it, I still would get a TUXEDO computer, something like TUXEDO InfinityBook S 15 - Gen8, the DELL XPS 13 is very small, small keyboard, very portable but not really nice to work with. And TUXEDO looks much more into Linux than DELL.

For Linux compatibility, something like this https://www.tuxedocomputers.com/ would be better than Dell XPS 13.

The post on your link has no date, I don’t know if this is from January or from December.

Yeah, overwhelming but can be cool to learn about this https://linrunner.de/tlp/settings/index.html and https://wiki.archlinux.org/title/Tlp has some documentation, with this and some blog from a user explaining it, it should work. Also, the auto-cpufreq is pretty cool, makes your PC go slower but saves a lot of your laptop energy, or I feel like this.

About Battery life, did you try this? https://austingwalters.com/increasing-battery-life-on-an-arch-linux-laptop-thinkpad-t14s/ TLP or PowerTop + https://github.com/AdnanHodzic/auto-cpufreq#why-do-i-need-auto-cpufreq ?

Try Linux another time (I also often switched to Windows in the past until now, I can finally say I would never use a Windows/Apple desktops, I really dislike them), I often try distros on my Laptop while my Desktop has a stable distro to work with. On laptop, I just try different distros as I do like to test them.