Hi,
> > If you are asking how to secureĀ your box better, indeed the public IP > address list of relays is often scanned and brute forced. That is why > I recommend: > > - - if you run only Tor on that box is best, if not make sure your apps > are properly secured (mysql not listening on public IP if it's not a > remote mysql server, strong passwords for mysql, ftp, etc.). > - - make sure only ports used by Tor are open. There is no need for > anything else. > - - if you use ssh for administration that is fine, just change the port > from 22 in /etc/ssh/sshd_config to some custom port, anything, like > 2988 or whatever. > - - permanently disabled plain password authentication or rhost > authentication in sshd_config and only allow key-based authentication > for better security and protection against weak password probing. > - - do not allow any other users for SSH access. > > Let me know if you have any other questions. I have done all that, so covered on that aspect. Was wondering if disk encryption and use of something like TRESOR would be useful? -kali- _______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
