[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Scripted installer of Tor and more being worked on at GitHub, ya may want to sit down for this...

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Scripted installer of Tor and more being worked on at GitHub, ya may want to sit down for this...
From: coderman <coderman@xxxxxxxxx>
Date: Mon, 1 Feb 2016 13:20:01 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 01 Feb 2016 07:20:13 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=2u26aVmo9Jy+W3j0OKwdvzvRce2VMavS3fSzCde0Mns=; b=io3TpSpF5I6qeUsKmniRfYAAShqF/S2QH8I0h/b1cpZhmNznYQ3neiYJ44B7cMZ3U5 I3FoLPi3Xl2ADGSc582D7zxzZWlBIOBXkip0sNYoGiStWk1pAaBXgvleeHjpMNjnYLxd AwC+2p4qgpeePKOjOuHAhP2LUHskegIg76j8s3hjuWRPMLsBjRqvB5klLSwDSOd+vt9E 8yAUynyqug2gBIASOxlE0/ED2GrAO1iXO+q9DL+uYmhVBLpTdLx823VReVPwfM3ar4j1 NFm/S6EPMnFcGuQ1xDxJD5dZccfbE2AJ/sxUODen1uori9/fQXPZdxZM1ZCF3+r4v4tG dBxQ==
In-reply-to: <C7FBA10B-7C46-4464-AF60-EAA715B5A70C@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <0C175F9B-9446-41E7-9479-A52E3589F379@xxxxxxxxx> <CAJVRA1SX3wFFm519DXQsYcRYSkRbzJDXJGe+ctj=V1Yeon47yg@xxxxxxxxxxxxxx> <C70326E8-0427-4D41-9B0D-4F7D0767D4E1@xxxxxxxxx> <CAFN1edpi8F=7rGz5HVk5KMFPPLGrgnYCsAarVQMno0AdeRaZ6Q@xxxxxxxxxxxxxx> <C83CD66C-0737-421D-8F24-C128A698BEC9@xxxxxxxxx> <CAFN1edrZn0pMAAsYYkBJrThdxMgVpOsw3xtwXyYTTH+okKkVOg@xxxxxxxxxxxxxx> <9C7C7D1C-06A3-4589-923F-C8C50BC222A4@xxxxxxxxx> <CAFN1edrawns_+LTOAnjs4_VAikKm4A1t9CU+3FrEW_YkAXnjeA@xxxxxxxxxxxxxx> <CAJVRA1T778ANkQwTZ6qFwAhxCxUfXpp=ZAYuU9K1WY+_HzKWeQ@xxxxxxxxxxxxxx> <C7FBA10B-7C46-4464-AF60-EAA715B5A70C@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On 2/1/16, Michael <strangerthanbland@xxxxxxxxx> wrote:
> ...
> My last question (for now) has to do with Fail2Ban and hidden services.
>
> My question is would you all prefer that separate jail.local configuration
> blocks be written for each Tor service port individually, ei failing one
> port
> doesn't ban from a possible second hidden service port, or is a fail one
> ban'em all sufficient?

please allow a single default jail.local to be used in one or any Tor
service port configurations, including hidden service port
configurations.

then also allow each distinct configuration (IP:port, unix_domain,
etc) of any Tor service configuration to be blocked individually.

the latter is very useful for power users / multiple onion service
operators who use service isolation intentionally to mitigate concerns
of directed attacks, denial of service, or related risks.

(there might be a better way than a sane default, with optional
per-endpoint limits; that's my favorite approach to this question for
now.)

best regards,
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Scripted installer of Tor and more being worked on at GitHub, ya may want to sit down for this...
  - From: Michael

Prev by Author: Re: [tor-talk] Exit Traffic classification and discrimination
Next by Author: Re: [tor-talk] Using SDR
Previous by thread: Re: [tor-talk] 4 relays advertising >1000 MByte/s each
Next by thread: Re: [tor-talk] Scripted installer of Tor and more being worked on at GitHub, ya may want to sit down for this...
Index(es):
- Author
- Thread