• 0 Posts
  • 9 Comments
Joined 11 months ago
Cake day: February 16th, 2025
  • This2ShallPass@lemmy.worldtoSelfhosted@lemmy.worldPi-hole client filtering without DHCP?English
    2·
    6 months ago

    You don’t need DHCP, you can just use DNS and then set up different blocking groups based on the device.

    The problem with this solution is that is it opt in. You would need to change all the wifi settings on each device separately to point to Pi-Hole as the DNS. This is something that could easily be disabled as a 12 year old would probably be able to figure out how to change the settings on their mobile devices or computer with a Google search.

  • This2ShallPass@lemmy.worldtoTechnology@lemmy.worldfake keepass repo on githubEnglish
    5·
    7 months ago

    I don’t know of any comprehensive source but there are a few basic things you that I do.

    1. Ensure sudo is on the system so that root account is not used.
    2. Get a secure browser that with add ons to protect against malicious sites (https everywhere, JavaScript blockers, etc…)
    3. Download software from trusted repositories and verify with GPG keys or hashes. Be wary on installing anything using a shell script with super user access.
    4. Use keys instead of passwords for ssh if you are going to use ssh.
    5. Password tools like Vaultwarden and KeePass can help secure passwords.
    6. You can encrypt your hard drive with LUKS before you install Linux with many distros.
    7. Flatpak (Docker as well) can allow you to run applications with limited access to your system much like phone apps on Android. This can be more secure but comes with larger app sizes and limits what you can do with the app sometimes (e.g. browsers not being able to upload files because they don’t have full filesystem access)
    8. If you want a firewall on your workstation (not needed much anymore with hardware firewalls from routers), UFW makes it easy
    9. If you want to check for viruses use ClamAV (ClamTK for a GUI app).