Average load 800W is 0.8kW24h30d=576kWh/M
Which is over 172€ on a 30ct/kWh contract.
- 0 Posts
- 7 Comments
Joined 2 years ago
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
link Englishfedilink 1 year ago3·arrow-up
link Englishfedilink 1 year ago7·arrow-up Just my 2 cents:
-
Proxmox. Flexibility for both new services via VM/LXC and backups (just install proxmox backup server alongside and you get incremental backups with nice retention settings, file-restore capabilities as well as backup consistency checks)
-
If it’s in a VM/container you don’t need to worry about backups, see 1.
-
In this case isn’t it sufficient to be able to access the data via Windows network?
-
link Englishfedilink 2 years ago10·arrow-up Jitsi Meet it’s usually p2p for calls between two persons. As soon as a third person joins, the meeting gets routed through the server. You can see this by a slight delay happening when person 3 joins. It won’t happen again for every additional person joining
link Englishfedilink 2 years ago1·arrow-up Very interesting, thanks for sharing!
I know it’s just anecdotal evidence, however fail2ban in my one machine which does need ssh on port 22 to the open internet bans a lot of IPs every hour. All other ones with ssh on a higher port do not. Also their auth log does not show any failed attempts.
link Englishfedilink 2arrow-up 1·arrow-down 2 years agoedit-2 The points I made should not be used instead of all other security precautions like prohibited password login, fail2ban and updates, I thought that is common knowledge. It’s additional steps to increase security.
I disagree that changing the port is just security by obscurity. Scanning ips on port 22 is a lot easier than probing thousands of ports for every IP.
The reason people do automated exploit attempts on port 22 is because it is fast, cheap and effective. By changing the port you avoid these automated scans. I agree with you, this does not help if someone knows your IP and is targeting you specifically. But if you’re such a valuable target you hopefully have specialized people protecting your IT infrastructure.
Edit: as soon as your sshd answers on port 22, a potential attacker knows that the IP is currently in use and might try to penetrate. As stated above, this information would most likely not be shared with the automated attacks if you used any random port.
link Englishfedilink 2 years ago5arrow-up 2·arrow-down I can’t help much regarding the service denial issue.
However Port 22 should never be open to the outside world. Limiting to key authentication is a really good first step.
To avoid automated scans you should also change the port to a higher number, maybe something above 10,000.
This both saves traffic and CPU. And if a security bug in sshd exists this helps, too.
Yeah, we pay a lot. We also got one of the lowest downtimes regarding electricity, on average approximately 10minutes per year…so that’s kind of a (small) advantage you get for the premium price