I’d consider insulating the ductwork and doing air sealing if it gets that hot, as it means lot of your heat is not making it where it should so your hvac is probably running more than it needs to.

Do those have VT-D and can they accept a decent amount of ram like 16GB or so? Very tempting to build a Proxmox cluster if I can find some here in Canada.

Anything that faces the internet I have on a separate vlan. Each system on that vlan is treated as if it was facing the internet directly, that way if one of them gets compromised the hacker will not get far trying to get into any other machines.

Rest of my network is a little more tame just for ease of access since it’s only me on here.

Although at some point I do want to revisit my security protocol even locally, just in case. Hitting some kind of drive by trojan script or something within the browser is always a possibility, it could work in reverse where it connects to an external server and then accesses the rest of the network that way. I’m not aware of such trojans but I’m sure it’s possible.

I do block all outbound ports except for base internet ports but a properly written malicious script would probably take that into account and use a common port like 443.

At some point I might setup a honeypot. Just need to name the VM “cryptowallet” or something like that and it would be a very fast target. If access to it is detected it would alert me and shut off the internet.

Very possible as something like Minecraft server is popular enough so if there’s known vulnerabilities they might be trying to exploit them. Be sure you are hosting that on a separate vlan that is split from rest of your network.

If you want to be more safe only allow your friends’ IPs through.