[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address

To: <tor-relays@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address
From: "Igor Mitrofanov" <igor.n.mitrofanov@xxxxxxxxx>
Date: Wed, 4 Oct 2017 08:06:12 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 04 Oct 2017 11:06:46 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:references:in-reply-to:subject:date:message-id:mime-version :content-transfer-encoding:thread-index:content-language; bh=r30p2vDzdnYNTtqD5Tn8BlWVdOLA/taXhWlgO7LWD/A=; b=E5B4nEXYCQ9CbP1aaE5FD3oOzSRv9xF7woPDYSmcuMB4uMXoJbT5d+L9qnJvVI7kyW bZArDpufLnLedSCeIcv7G7CQozUypDWCD5iY2w9lGjaP5xMv/aQO30u7qUttB+fK4Gk9 boc8LDSJPXzn1KnL0N6DJ3ucm7dcDE9Zf/W6faFgmtX8RC2vpMLw7QUxht0ZSpzp8d9J 9WRh0zoojd5FnAhPJnpSTuAsK1qcvpw1Pu/QSXyPA4csjywjijh55mxB3FtWEWvXT0HJ 7MyurkmJ90AZbaE4RKLQJPNY3YC7LelRgz9pXGvSzOHeAYkgFU8if7CADDwd9a+NLdZ7 RDfA==
In-reply-to: <B5B80C49-47E8-4487-A033-5F84EE4CBA4C@gmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays $exit, non-exit, bridge$" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <658A3736-3456-45EE-BD3F-751266DF5282@riseup.net> <002301d33cd9$c9140aa0$5b3c1fe0$@gmail.com> <B5B80C49-47E8-4487-A033-5F84EE4CBA4C@gmail.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
Thread-index: AQHb0UK5ljFDZYCR34I6BAEriXocOwEdTvRVAbjFa1Ciq++2kA==

The instance I use for administrative purposes (SSH and APT) is a separate
one, client-only.

-----Original Message-----
From: tor-relays [mailto:tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx] On Behalf
Of teor
Sent: Wednesday, October 4, 2017 5:49 AM
To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] SSH brute force attempts to connect to my Middle
Relay IP address


> On 4 Oct 2017, at 02:26, Igor Mitrofanov <igor.n.mitrofanov@xxxxxxxxx>
wrote:
> 
> I have setup a (private, key-based) Tor hidden service for SSH
administration. It works well and leaves no extra open ports to attack.
> 
> If you also take advantage of package updates over Tor (via the local 
> SOCKS5 proxy that any Tor instance provides)

We don't recommend that you run a client and hidden service on the same tor
instance. It makes traffic correlation easier, because your traffic all goes
through the same guard. (There are probably some other reasons,
too.)

Depending on your threat model, this might not be an issue for you.

T

--
Tim / teor

PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
------------------------------------------------------------------------


_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address
  - From: Fr33d0m4all
- Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address
  - From: Igor Mitrofanov
- Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address
  - From: teor

Prev by Author: Re: [tor-relays] dnsmasq configuration for an exit relay (Debian)
Next by Author: Re: [tor-relays] dnsmasq configuration for an exit relay (Debian)
Previous by thread: Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address
Next by thread: Re: [tor-relays] SSH brute force attempts to connect to my Middle Relay IP address
Index(es):
- Author
- Thread