r/HomeInfrastructure

Securing a publicly exposed mailserver with crowdsec
▲ 15 r/HomeInfrastructure+1 crossposts

I have been doing this for some time but this weekend I decided to add more relevant logs to block more logs from my Xeams mail gateway appliance.

My log list now contains

  • authTerminate — bad AUTH attempts
  • helloTerminate — bad EHLO/HELO
  • invalidRecipients — directory harvesting
  • rcptTerminate — invalid RCPT
  • timeoutTerminate — connection timeouts
  • GreyListing — persistent greylisted senders
  • ForgedSenders — forged sender addresses

This feels almost like a honeypot due to the number of "attacks" - just during this afternoon 105 decisions were made to block traffic, to my mail server alone ✌️

All decisions are fed into a blocklist that my TWO Juniper vSRX firewalls subscribe to and is part of global deny rules in the firewall.

It does not matter if an IP tried to perform a WordPress attack or connect over SMTP - you shall not pass.... ❤️‍🔥

This might end up on GitHub soon..

u/kY2iB3yH0mN8wI2h — 5 days ago
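
An added sketch of the decisions-to-blocklist step described in the post above (not the poster's code): it folds ban decisions into a deduplicated CIDR feed and refuses to list allowlisted ranges, since the feed drives a global deny rule. The delta shape follows CrowdSec's LAPI decisions stream; the sample data, the allowlist and the one-CIDR-per-line output are assumptions.

```python
import ipaddress

# Constructed deltas shaped like CrowdSec's LAPI /v1/decisions/stream response.
SAMPLE_STREAM = [
    {"new": [
        {"type": "ban", "scope": "Ip", "value": "203.0.113.7"},
        {"type": "ban", "scope": "Ip", "value": "198.51.100.23"},
        {"type": "ban", "scope": "Range", "value": "192.0.2.0/28"},
        {"type": "ban", "scope": "Ip", "value": "10.0.0.5"},          # internal relay
        {"type": "captcha", "scope": "Ip", "value": "203.0.113.99"},  # not a ban
        {"type": "ban", "scope": "Ip", "value": "not-an-ip"},         # malformed
    ], "deleted": None},
    {"new": None, "deleted": [
        {"type": "ban", "scope": "Ip", "value": "198.51.100.23"},     # ban expired
    ]},
]

# Assumed allowlist: networks that must never reach a global deny rule.
ALLOWLIST = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]

def to_network(decision):
    """Return the ip_network for a ban on an IP or range, else None."""
    scope = str(decision.get("scope", "")).lower()
    if decision.get("type") != "ban" or scope not in ("ip", "range"):
        return None
    try:
        return ipaddress.ip_network(decision["value"], strict=False)
    except (KeyError, ValueError):
        return None

def apply_delta(blocked, delta):
    """Apply one stream delta to the set of blocked networks, in place."""
    for decision in delta.get("deleted") or []:
        blocked.discard(to_network(decision))
    for decision in delta.get("new") or []:
        net = to_network(decision)
        if net is None:
            continue
        if any(net.version == a.version and net.overlaps(a) for a in ALLOWLIST):
            continue  # refuse to block our own address space
        blocked.add(net)

def build_feed(stream):
    """Fold all deltas and render one CIDR per line, sorted and deduplicated."""
    blocked = set()
    for delta in stream:
        apply_delta(blocked, delta)
    ordered = sorted(blocked, key=lambda n: (n.version, n))
    return "".join(f"{n}\n" for n in ordered)
```
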
▲ 76 r/HomeInfrastructure+1 crossposts

Got this for a steal - 800 euro for a 12G dual controller 16 bay SAS/SATA enclosure - Brand new

I can't believe it

My third Silverstone RS831S broke down after a power failure (I think it would have survived unless I also had a UPS issue) just after I spent a week re-building my 65TB array after a drive failure.

I'm a big fan of these Silverstone enclosures but they have a power draw issue, not ideal with the larger SATA drives.. This is the third, and last one dying...

But one night, spending some quality time on eBay I found my dream enclosure, I have been lurking for these for some time now, but they are rare and super expensive new (between 4000-8000 euros)

But I found one in France, the same week my previous enclosure died on me. What are the odds?

My main reasons are

1.) Space - I have to fit these in my closets with around 45cm max depth.

2.) Noise - Most other compact enclosures (EMC etc.) can fit but controlling all these fans is hard if possible at all.

I will have 10 drives for my main "NAS" and the 6 other slots will be used for Enterprise SAS 12Gb SSDs with the goal of replacing my ancient 16x250Gb all flash array. No need for NVME here :)

Currently I'm making an attempt to repair a really old 8x8TB QNAP with very low confidence that it will work - It contains old SD movies I lost years ago and haven't bothered trying to restore due to the complexity...

u/kY2iB3yH0mN8wI2h — 10 days ago

My budget Xeon servers have no IPMI. So I built a KVM that outputs BIOS as text over SSH.

I started developing my USBridge 2.0 KVM-over-IP solution because I needed a simple way to manage budget servers at the BIOS level. An example configuration involves motherboards based on the Xeon X99; unfortunately, they do not have built-in IPMI.

The goal was to display the BIOS in the console—without an agent—as readable text that can be copied and read by AI agents for rack diagnostics.

In the end, I found that USBridge-KVM doesn’t just pass through pixels, but converts the BIOS screen into text output in the terminal using deterministic pixel mapping (in simple terms, OCR). In the end, I get the same BIOS, but only as text via SSH. Essentially, it’s the same as IPMI/iLO, but for hardware where it isn’t provided.

I decided not to stop there and finished implementing data snapshots. Since the KVM is physically isolated from the host, I consider this a significant advantage for data protection. The concept is simple: snapshots are saved on the KVM’s SD card, which uses a BTRFS filesystem; after a snapshot is created, it enters copy-on-write mode. Even the root user on the host cannot delete or encrypt it.

I’ve also spent quite a bit of time working with disks. You can mount disks directly so that the host sees them as physical drives; they can boot up and run. All changes are saved separately, which allows for experimentation—I know I can always roll back. In terms of speed, it works almost as fast as an SSD, since I’ve set up caching.

It’s been 8 months since I started working on this, and I’m now in the final stages. I’m finishing up the active cooling system and fixing minor bugs. I’m also polishing the code for the agent (an app similar to TeamViewer or AnyDesk) and the client application so I can release it as open source on GitHub.

Essentially, this will be a completely free alternative to TeamViewer or AnyDesk, with no subscriptions or restrictions.

How are you handling out-of-band access on budget hardware without IPMI? I’m curious to know what solutions people are actually using.

u/Lopsided_Mixture8760 — 11 days ago