Geekzone: technology news, blogs, forums
Tinkerisk
4798 posts

Uber Geek
+1 received by user: 3660


  #3219170 16-Apr-2024 16:21

turtleattacks:

 

Given that it's only going to be used as an internal file server - would it make sense just to block internet access to the W11 machine?

 

(upgraded to W11 from W10). 

 

 

Anyone asking such questions should only switch on a server after clarification. Sorry, this is not meant personally, but in terms of security.

 

 





- NET: FTTH & VDSL, OPNsense, 10G backbone, GWN APs
- SRV: 12 RU HA server cluster, 0.1 PB storage on premise
- IoT:   thread, zigbee, tasmota, BidCoS, LoRa, WX suite, IR
- 3D:    two 3D printers, 3D scanner, CNC router, laser cutter




turtleattacks

1008 posts

Uber Geek
+1 received by user: 305

Trusted

  #3219172 16-Apr-2024 16:23

Tinkerisk:

 

turtleattacks:

 

Given that it's only going to be used as an internal file server - would it make sense just to block internet access to the W11 machine?

 

(upgraded to W11 from W10). 

 

 

Anyone asking such questions should only switch on a server after clarification. Sorry, this is not meant personally, but in terms of security.

 

 

 

 

 

 

No offense taken mate, I'm still trying to learn as I go myself. 





Tinkerisk
4798 posts

Uber Geek
+1 received by user: 3660


  #3219175 16-Apr-2024 16:34

turtleattacks:

 

No offense taken mate, I'm still trying to learn as I go myself. 

 

 

A server is protected for access FROM the Internet. If it is only used for internal purposes, access from the Internet is completely blocked. However, a connection TO the Internet makes sense for (automatic) security and version updates, but a firewall should prevent the server from becoming independent, e.g. only being able to establish very specific connections to the Internet. Otherwise, TO the Internet access can be completely blocked, which then results in manual updates.





- NET: FTTH & VDSL, OPNsense, 10G backbone, GWN APs
- SRV: 12 RU HA server cluster, 0.1 PB storage on premise
- IoT:   thread, zigbee, tasmota, BidCoS, LoRa, WX suite, IR
- 3D:    two 3D printers, 3D scanner, CNC router, laser cutter




MadEngineer
4591 posts

Uber Geek
+1 received by user: 2570

Trusted

  #3219310 16-Apr-2024 20:46

Tinkerisk:

 

turtleattacks:

 

No offense taken mate, I'm still trying to learn as I go myself. 

 

 

A server is protected for access FROM the Internet. If it is only used for internal purposes, access from the Internet is completely blocked. However, a connection TO the Internet makes sense for (automatic) security and version updates, but a firewall should prevent the server from becoming independent, e.g. only being able to establish very specific connections to the Internet. Otherwise, TO the Internet access can be completely blocked, which then results in manual updates.

 

Never make the false assumption that because you've protected something from the internet that it's safe. Lateral movement is a tab key away from within a hacker's toolkit once they're in your network.





You're not on Atlantis anymore, Duncan Idaho.

Tinkerisk
4798 posts

Uber Geek
+1 received by user: 3660


  #3219313 16-Apr-2024 21:08

MadEngineer:

 

Tinkerisk:

 

A server is protected for access FROM the Internet. If it is only used for internal purposes, access from the Internet is completely blocked. However, a connection TO the Internet makes sense for (automatic) security and version updates, but a firewall should prevent the server from becoming independent, e.g. only being able to establish very specific connections to the Internet. Otherwise, TO the Internet access can be completely blocked, which then results in manual updates.

 

Never make the false assumption that because you've protected something from the internet that it's safe. Lateral movement is a tab key away from within a hacker's toolkit once they're in your network.

 

 

Hence my reference to the firewall, which standard routers do not have or only have as a 'light' version. So I don't assume anything as safe, neither in front of it nor behind it. 😉





- NET: FTTH & VDSL, OPNsense, 10G backbone, GWN APs
- SRV: 12 RU HA server cluster, 0.1 PB storage on premise
- IoT:   thread, zigbee, tasmota, BidCoS, LoRa, WX suite, IR
- 3D:    two 3D printers, 3D scanner, CNC router, laser cutter
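
The posture discussed in this thread (nothing reachable from the Internet, only very specific outbound connections for updates, and no blanket trust of the internal network either), as an added example that is not part of any post: a first-match rule table evaluated over constructed flows. All addresses, subnets and the update endpoint are assumptions chosen for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    direction: str  # "in" or "out", seen from the file server
    action: str     # "allow" or "block"
    peer: str       # CIDR of the remote side
    port: int       # server port for "in", destination port for "out"; 0 = any
    note: str

# Constructed addressing (assumptions): LAN 192.168.1.0/24, file-share clients
# in 192.168.1.32/27, one update endpoint at 198.51.100.20.
POLICY = [
    Rule("in",  "allow", "192.168.1.32/27",  445, "SMB from known clients only"),
    Rule("out", "allow", "198.51.100.20/32", 443, "updates from one endpoint"),
    Rule("out", "allow", "192.168.1.1/32",    53, "DNS to the LAN resolver"),
    Rule("in",  "block", "0.0.0.0/0", 0, "default deny inbound"),
    Rule("out", "block", "0.0.0.0/0", 0, "default deny outbound"),
]

def decide(direction, peer_ip, port, policy=POLICY):
    """Return (action, note) of the first rule that matches the flow."""
    addr = ipaddress.ip_address(peer_ip)
    for r in policy:
        if (r.direction == direction
                and addr in ipaddress.ip_network(r.peer)
                and r.port in (0, port)):
            return r.action, r.note
    return "block", "implicit deny"

# Constructed flows: (direction, remote address, port, description)
FLOWS = [
    ("in",  "203.0.113.9",    445, "SMB attempt from the Internet"),
    ("in",  "192.168.1.40",   445, "workstation opening a share"),
    ("in",  "192.168.1.200",  445, "other LAN device probing SMB"),
    ("in",  "192.168.1.40",  3389, "RDP from a workstation"),
    ("out", "198.51.100.20",  443, "update check"),
    ("out", "198.51.100.7",   443, "server calling out on its own"),
]

def audit(flows=FLOWS):
    """Evaluate every sample flow; returns (description, action, note)."""
    return [(desc, *decide(d, ip, port)) for d, ip, port, desc in flows]

if __name__ == "__main__":
    for desc, action, note in audit():
        print(f"{action.upper():5}  {desc}  [{note}]")
```

The third and fourth flows come from inside the LAN and are still blocked, which is the point raised about lateral movement: the inbound allow rule is scoped to the client range and the SMB port, not to "internal" as a whole.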

