6

I'd like to create a Plex/Jellyfin server that I can open up to family and friends on other networks. I know there are security concerns with opening my home network to outside traffic like this, but I'm not educated well enough on cyber security to know what practices to avoid or how to accomplish this safely.

Something I've come across is the Firewalla Purple . It's a device that plugs into your modem to provide a firewall, DNS ad blocking, and some other cyber security features.

From what I've read, the network monitoring and security features provided by this product would solve the security concerns that come with opening a Jellyfin/Plex server to outside connections. Firewalla also provides lifetime access to their VPN with the purchase of their products, so I could stop paying for Proton if it's any good. The DNS ad blocking is a huge bonus.

How can I safely let friends and family stream from my Plex/Jellyfin server? Would this Firewalla product solve any of these issues? Is their VPN service comparable to Proton or Mullvad?

you are viewing a single comment's thread
view the rest of the comments
[-] originalucifer@moist.catsweat.com 4 points 10 months ago

techinically, no, you dont need that device.

you would use your existing routing device to port to your containers in the form of a pihole and jellyfin.

set your router to the pihole for dns, and youre done.

you could use gluetun for vpn, also containered with your existing proton account.

[-] GooseFinger@lemmy.world 2 points 10 months ago

Thanks for the answer, that makes sense. Sounds like there aren't security concerns with letting others connect to my server then.

This is the first I've heard of Gluetun. Why do you suggest it?

[-] originalucifer@moist.catsweat.com 4 points 10 months ago

your router also has a firewall, so thats where you limit the jellyfin port to the service on your server.. then your security concern is at jellyfin itself (certificate, users accounts etc).

gluetun is great because it can establish a vpn connection using openvpn (which any good vpn provider supports). you can then set anything inside your network or other containers to use that for their external internet access very easily.

the benefit with this is if the tunnel goes down, your stuff doesnt accidentally use the non-vpn'ed connection. so if you were hypothetically running a torrent client, it would never bleed your public ip.

im already solid with proton for email purposes, which includes vpn access. me paying anyone else for vpn would just be superfluous

this post was submitted on 14 Jan 2024
6 points (100.0% liked)

Cybersecurity

5751 readers
245 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago
MODERATORS