  • I am unsure if I can ELI5 those without also ELI5-ing computer networks, VPNs and firewalls.

    They are VPNs. Like a regular network, they connect your devices through their network. They may put firewall rules in place to allow you to talk to X networks (any specified networks). That also means the VPN may not allow you to connect to the internet through their network. Now the difference between ZeroTier and Tailscale and other VPNs for accessing the internet is that ZeroTier and Tailscale only permit your traffic to your other devices that are bound to your account and not to the internet (your other internet data won’t go through ZeroTier/Tailscale). This configuration is great because you have a virtual and secluded network that you can connect to from anywhere via the internet using ZeroTier/Tailscale networks (with your virtually local IP on ZeroTier/Tailscale).


  • I’m hosting an email server on a VPS that has fail2ban on it. A lot of ports are open but only WireGuard and knockd are listening.

    For remote server management, I would use WireGuard for regular SSH access, but when I need to configure WireGuard I can just disable/re-enable the WireGuard-only SSH firewall rule using port knocking. There is also the option of using the serial console on the VPS web UI, but it is slower.

    Honestly, I’m not sure myself if my public-facing services face a DoS attack. Well, there’s always an option of using Cloudflare. With that being said though, I think in your case you should just use a free “VPN” like Tailscale or ZeroTier.
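
One way to build the arrangement described in the last comment (SSH reachable only over WireGuard, with a port knock as the fallback when WireGuard itself needs reconfiguring), as an added example that is not the commenter's own configuration. The interface names `eth0` and `wg0`, the knock sequence, the timeouts and the iptables path are placeholders, and this variant opens a temporary exception for the knocking address instead of removing the WireGuard-only rule.

```ini
# /etc/knockd.conf (constructed example; every value below is a placeholder)
#
# Assumed baseline firewall, configured outside knockd:
#   iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
#   iptables -A INPUT -i wg0 -p tcp --dport 22 -j ACCEPT
#   iptables -A INPUT -p tcp --dport 22 -j DROP

[options]
    UseSyslog
    Interface = eth0

[sshBreakGlass]
# Three SYN packets to these ports, in this order, within seq_timeout seconds.
    sequence      = 7000,8000,9000
    seq_timeout   = 10
    tcpflags      = syn
# Allow SSH on the public interface, but only from the address that knocked.
    start_command = /usr/sbin/iptables -I INPUT 1 -i eth0 -s %IP% -p tcp --dport 22 -j ACCEPT
# Remove the exception automatically after 10 minutes.
    cmd_timeout   = 600
    stop_command  = /usr/sbin/iptables -D INPUT -i eth0 -s %IP% -p tcp --dport 22 -j ACCEPT
```

The exception applies only to the knocking address and is withdrawn after `cmd_timeout` seconds, so SSH does not stay exposed on the public interface; the conntrack rule in the assumed baseline keeps an already-open session alive after the exception is removed.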