Re: [tor-relays] Feedback wanted: letter to my university's library

On 10/03/2017 11:31 PM, Scott Bennett wrote: > They have refused to let me speak with those making the decisions about > what is provided on their public computers, much less to make an organized > presentation to them. I was told that the decisions about software on the > computers are

Re: [tor-relays] AU Relays and data retention

> On 4 Oct 2017, at 20:02, Paul Templeton wrote: > > The extent of data retention obligations for your relevant service would > relate to the extent to which elements of the data set “visible” to you. For > example, where a provider does not have “visibility” of a

Re: [tor-relays] SSH Bruteforce Attempts

Thank you all for replying, I will answer the notification with the template mentioned by Rejo and include the link for ExoneraTor recommended by Jon. Best Regards, Tanous 2017-10-04 11:34 GMT-03:00 Jonathan Proulx : > Here's my version of the same: > > Hello, > > The

Re: [tor-relays] Feedback wanted: letter to my university's library

> -Original Message- > From: ali...@torproject.org > Yes, I do a basic training which includes HTTPS, cookies, software > updates, passwords, and the like. It's both to educate the librarians > into better practices and to help them teach classes to their patrons. > That said, my

[tor-relays] AU Relays and data retention

Hi All, I have asked the Attorney Generals Department about data retention and got the following response. If you run a relay/bridge here you seem to be exempt from retaining data. If your not an ISP and you run a service from home the ISP/carrier will retain the data though. This just

Re: [tor-relays] Feedback wanted: letter to my university's library

Scott Bennett: > Alison Macrina wrote: > >> Scott Bennet> If he discovers that neither his campus library nor the >> university as a >>> whole is already officially running at least one relay, this may be a better >>> way to teach them. If, rather than going for a relay,

Re: [tor-relays] Feedback wanted: letter to my university's library

On 4 October 2017, Scott Bennett wrote: Let me give an example. I have for at least ten years asked my local public library to provide a) a secure shell client, b) a secure web browser for ordinary use where anonymity is not a concern, c) a secure FTP client, and d) the TBB for use by

Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address

The instance I use for administrative purposes (SSH and APT) is a separate one, client-only. -Original Message- From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf Of teor Sent: Wednesday, October 4, 2017 5:49 AM To: tor-relays@lists.torproject.org Subject: Re:

Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address

On Wed, Oct 04, 2017 at 02:32:10PM +0100, Robin wrote: :I restrict SSH access with iptables allowing only access from two IP addresses (work, and home). :I also disable root login (as many already do), as well as use the AllowUsers option in SSH. Hard for me to tell if my Tor nodes get any more

Re: [tor-relays] SSH Bruteforce Attempts

Here's my version of the same: Hello, The source address 128.52.128.105 is a Tor exit node, and is not the origin point for the traffic in question. See http://tor-exit.csail.mit.edu (which is the host in your logs) for details. Any action taken on this node would simply result in the problem

Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address

I restrict SSH access with iptables allowing only access from two IP addresses (work, and home). I also disable root login (as many already do), as well as use the AllowUsers option in SSH. regards, Robin - Original message - From: Fr33d0m4all To:

Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address

> On 4 Oct 2017, at 02:26, Igor Mitrofanov wrote: > > I have setup a (private, key-based) Tor hidden service for SSH > administration. It works well and leaves no extra open ports to attack. > > If you also take advantage of package updates over Tor (via the local

Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address

Hi, could it help to use ||iptables to limit to 3 attempts per minute, or to use Fail2ban? Regards Tom On 10/04/2017 01:07 PM, Martin Møller Skarbiniks Pedersen wrote: > On 4 October 2017 at 08:41, Fr33d0m4all > wrote: > > > > I know, I

Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address

On 4 October 2017 at 08:41, Fr33d0m4all wrote: > > I know, I know about how internet works :) I’ve just simply noted a large increase in SSH brute force attempts in the last two weeks. BTW I don’t have root login enabled and I have two factor authentication on my SSH port

Re: [tor-relays] SSH Bruteforce Attempts

Hey, Yes, I do more or less the same. If the complaint is sent using some automated system, I "do nothing." If the complaint is sent by a human, I'll answer them with a template, see below. If there is a followup response to that, I'll do some more explaining, oftentimes pointing them at the

Re: [tor-relays] Attacks to and from Tor

1) I think you can't 2) All Tor relays IPs are public Le 04/10/2017 à 08:49, Thomas Dünser a écrit : Hi everybody, I've read a few threads about attacks from exit nodes to the clear net and from the clear net to tor nodes and have several questions: -How can you recognize that the attacks

Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address

El 04/10/17 a las 08:41, Fr33d0m4all escribió: > I know, I know about how internet works :) I’ve just simply noted a large > increase in SSH brute force attempts in the last two weeks. BTW I don’t have > root login enabled and I have two factor authentication on my SSH port (not > standard),

[tor-relays] Attacks to and from Tor

Hi everybody, I've read a few threads about attacks from exit nodes to the clear net and from the clear net to tor nodes and have several questions: -How can you recognize that the attacks to tor nodes are especially against Tor? -And how can a clear net user or better IDS easily differencing

Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address

I know, I know about how internet works :) I’ve just simply noted a large increase in SSH brute force attempts in the last two weeks. BTW I don’t have root login enabled and I have two factor authentication on my SSH port (not standard), which is enabled only for a single low privileges user,

Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address

On October 3, 2017 11:02:55 PM PDT, Fr33d0m4all wrote: >Hi, >My Tor middle relay public IP address is victim of SSH brute force >connections’ attempts and the attack is going on since two weeks ago. >It’s not a problem, the server that is listening with SSH on the same >IP

Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address

Original Message On 4 Oct 2017, 07:02, Fr33d0m4all wrote: Hi, My Tor middle relay public IP address is victim of SSH brute force connections’ attempts Welcome to the Internet! Any Internet connected machine will be port scanned, vuln probed, brute forced, blindly hit with

Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address

I have setup a (private, key-based) Tor hidden service for SSH administration. It works well and leaves no extra open ports to attack. If you also take advantage of package updates over Tor (via the local SOCKS5 proxy that any Tor instance provides) the only non-OR incoming traffic you need to

[tor-relays] SSH brute force attempts to connect to my Middle Relay IP address

Hi, My Tor middle relay public IP address is victim of SSH brute force connections’ attempts and the attack is going on since two weeks ago. It’s not a problem, the server that is listening with SSH on the same IP address than my Tor relay blocks the connections and bans the IP addresses (with