Hmm. I would probably use some kind of SATA to eSATA adapter for the least amount of purchasing.

But if you want to have small form factor compute nodes, I’d suggest replacing the dumb enclosure with a smarter (and faster) NAS or SAN. This way, you wouldn’t be relying so much on janky hacks.

Sounds like you need to fix the match. I haven’t had to do this in a few years so I don’t know what the current process is, but you should be able to find plenty of recent articles on the process.

That’s what modern endpoint security is, really. Traditional AV is dead. There are far too many people making malware for file signatures or heuristics to keep up. Instead, you want to look for behavior on the system and on the network. For example, if a program starts reading every file it can find on the network, and changing then from their current formats to unreadable blobs, that’s probably ransomware and should be stopped. Plain old AV probably won’t catch it on the client because of how frequently it gets modified (plus all the various evasion techniques), nor on the server because nothing unusual is running on the server.

I didn’t actually implement it, but it looked like the winner last time I looked. I’d also recommend starting there.

For work it’s all Windows so we use MECM.

Pick one and start at the beginning.

That site literally has links to the source material.

Yes, doing it directly instead of downloading then uploading is generally faster. As is wired instead of wireless.

Sure, but you’re going to be pulling it out either way. When you do, inspect it.

The easiest thing to do would just be to pull it out and look at it. The break might be obvious.

The Google warning page isn’t from a scan. I’ve seen it show up when visiting an entirely internal site in Chrome. It’s not exposed to the Internet, and the domain name doesn’t even exist in public DNS.

What’s in the logs on the client and server?

I think you should be able to run containers directly on Proxmox, and have enough RAM to run one VM for the thing that can’t be containerized.

For a generous definition of “original”.

Edit: very generous, since it’s just new text on the second panel in https://xkcd.com/1269/

I don’t.

I currently use 192.168.6.0/24, set DHCP to 100-199, and statically assign a few servers outside that range. Anything else can use DNS via DHCP because I use Windows for AD/DNS/DHCP.

No, you don’t need a reverse proxy. If you’re accessing anything remotely, I highly recommend just setting up a VPN instead of exposing a bunch of different services to the Internet.

That said, traefik is dead simple. There’s an example for docker-compose here: https://doc.traefik.io/traefik/user-guides/docker-compose/basic-example/

It’s not completely secure, but I only use it so that I can access my services by name and over HTTPS. I don’t have anything exposed to the Internet.

The best reason is reducing attack surface. It’s such an easy thing to do. I don’t know why people still expose services they don’t need to.

The request will be sent to that server, and the server will respond. In what part of all this process can the VPN can do anything?

If there is a firewall between the client and the server (which there should be), then no, the server will not respond.

The VPN jumps the firewall. When you set up the VPN service, you created firewall rules to allow the VPN traffic. Then when you have the VPN connected, all traffic to the destination network is tunneled through that one connection.

Just… stop making it accessible from the Internet? Whatever you did to allow it through your firewall, just remove that rule.

https://www.cloudflare.com/privacypolicy/

Seems the attitude against it is “I just don’t like it”.

If someone keeps getting the captcha interstitial, it’s probably because they’ve configured their browser to turn off things like JavaScript and cookies. This makes them different from a regular user, and can either break a site due to missing requirements, or makes them look like a bot, which Cloudflare will block.

Any drive has the possibility of failure. If you value the contents, have a way to recover, either by restoring from backup or by re-downloding your media.