|
It's an experience, some things give more issues, but other things are better and other just different. Documentation consistency, source code availability in the base install (recompile/optimize the OS gentoo style with a few commands), packet filter, following the whole FAQ, discovering the community blogs and IRC channels, etc Many years ago, on my own house, I started as: ISP modem -> all things in one VLAN (1 switch segment)
Then I added: ISP modem -> Linux router -> Separated VLANs (home servers, LAN, WiFi, TV, games, etc)
Finally I did: ISP modem -> OpenBSD -> Linux firewall -> Home VLANs (LAN, WiFi, TV, games, etc)
-> Home servers
One more hop, but I did think "If someone wants to enter from the outside, will need to exploit 3 layers of TCP/kernel implementations, and switching VLANs, instead of one layer".Really it was more an excuse to do things and learn... anyone can be attacked if targeted, even with 10 firewalls in front. Just by clicking a link, rendering a font, a PDF, etc... Nowadays I've moved to much, living rented and I only have a personal laptop (and one for job when provided). |