• eleitl@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        12 days ago

        Which network setup do you use? Use a VPN tunnel with 1:1 NAT, route a subnet? Something else?

        • Monkey With A Shell@lemmy.socdojo.com
          link
          fedilink
          English
          arrow-up
          2
          ·
          11 days ago

          Pretty simple simple ‘castle & moat’ setup. Lots of firewall, IPS, dynamic threat, etc around it with separate subnets and all the usual biz. My ISP doesn’t use CGNAT so I’m lucky that way, though they did question WTF I was doing last I made a service call to them based on the bandwidth usage.

    • jarfil@beehaw.org
      link
      fedilink
      arrow-up
      5
      ·
      14 days ago

      All service providers in the EU have to follow a similar abuse report handling procedure.

      They usually require a response to abuse tickets within 24h, so better have someone capable of responding at least twice a day. Unless the abuse goes against the provider’s ToS (don’t do that), simply responding to it should make it go away… as in, the provider washes their hands and lets the reporting party and you sort it among yourselves, be it in court or whatever. Russian government agencies are not very likely to win a case in the EU these days, though.

      If you don’t want to deal with hosting providers, you can self-host and deal with your ISP.

      This varies a lot from one ISP to another, some will cut you off at the first sign of abuse, others will ignore abuse reports like nothing happened, while others will port-filter you so you can’t even host stuff yourself. You will also find that most residential IP ranges are on blacklists used by mail providers.

      To increase the likelihood of staying online, use redundancy. For a while, I used to manage a system with two hosting providers, acting as reverse proxies and fallback for a local dual server setup with dual PSUs, dual UPSs, with dual connections to two ISPs via two routers. We used to get close to “six 9s” uptime.