As my home network grows, I’ve been trying to tighten down the security and separate devices/VMs/containers into vlans and hide them behind reverse proxies and security gateways.
That being said, I would love to hear what approaches folks use to pen test their self hosted environments to find any holes/leaks.
You must log in or register to comment.
Nothing :O
I have a strong password on the only appliance exposed which I keep updated and then I have backups of everything.
5 years ago I took a crypto-locker on the windows PC that my brother exposed to internet, luckily it only affected the computer which was used as a media player, nothing important.
If you have suggestion on pen-test to run I’m all hears
You could also look at not making anything available publicly and using something like tailscale to get access to your services.
Generally, I don’t.
But you can run nessus for free, and have shodan scan you externally. If you’re running AD, you can run bloodhound and pingcastle as well.
