I seem to have opened a can of worms. I didn't expect so many replies, TBH.Good lord this thread is full of weird advice!
I'm just not paranoid enough to go and buy a sparcstation to use as a firewall.
If I have got their attention then I should assume they have already exfiltrated all the data they want (considering, for example, the flap about spy chips on Supermicro boards).I'm a 20+ year Security nerd, and specialize in firewalls, advanced threats and malware etc.
You either "need" very moderate security for your home internet, or you know you're doing really shady stuff and should take whatever precautions you can dream up.
You would be an absolute idiot if you were doing things from your house that would get the attention of nation states
Thanks! - that's exactly the sort of information I was looking for. Just checked and it looks like you can put a quad i350 card in the M920. Looks ideal.This is my setup, and I'll hand out my public IP for anyone that thinks they can hack it
Lenovo M920Q
Onboard Intel i219
Mellanox CX3
USB3 network adapter for mgmt
...
This setup is dead silent, tiny, and easily does 1G symmetric