might host a shared library of ebooks since I live with lefties, but what else could I do? i'm gonna run it on an old laptop and it has a mic and webcam, so there are some creative possibilities here

  • unperson [he/him]
    ·
    4 years ago

    I don't want to be a buzzkill but maybe disconnect the microphone if you're going to talk about your first house server in chapo chat.

    • Spinoza [any]
      hexagon
      ·
      4 years ago

      depends on where it's going to be i guess

      • unperson [he/him]
        ·
        4 years ago

        Cool, that's a good attitude.

        I cringe when I think of how I set up my first home server. Fortunately nothing happened but retrospectively I was very reckless.

        One of these days you could look into how to make firewall zones in your router, and put your home server in the wan zone so that it cannot be used to get into your home network. That eases most of the security worries: worst case you can format it and set it up again, which is fun and you always do it better than the last time.

        • Spinoza [any]
          hexagon
          ·
          4 years ago

          thanks for looking out for me, i do realize i need to be careful and do my research

          at the moment the webcam is taped over, and i'll disconnect the microphone unless i explicitly want to play around with voice commands or something, in which case i'm going to have to do a bunch of work to set up the necessary security for that

          • unperson [he/him]
            ·
            edit-2
            4 years ago

            Great, I don't want to discourage you from experimenting with your server. :Care-Comrade:

            In practice nobody is scanning the Internet for servers with cameras and much less microphones. Having a commodity IoT camera or assistant would be much worse in this aspect. Mics in servers are very rare and low value for untargeted attackers.

            What bots will be looking for is basically any kind of password login, extremely outdated software with widely known vulnerabilities, services with write permission accidentally made public (be it something obvious like ftp or something less obvious like a seed box with a weak password). If you make everything with a password listen on localhost and hide it behind key-only ssh, bots will stop even scanning you.