[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] 7 relays gone because of spammers



Hi ZEROF,

I had fail2ban, harden (which includes tiger, tripwire, logcheck, plus
MANY others), all the fancy log checkers, rkhunter and clamav,
unattended-upgrades, and had all logs emailed to me on a daily basis. It
was tedious to go through, but I was trying to do my due diligence.

I disabled root login, changed ssh port (security through obscurity -
damn right, but I kept it in the privileged range.)
-------------------
Each password was a minimum of 32 characters, alphanumeric plus symbols.
No two passwords were alike, or remotely similar.
(No, I didn't use keys :@)

I checked "how secure is my password", and this is the result:
	It would take a desktop PC about
	21 quattuordecillion years
	to crack your password

I had to look quattuordecillion up, as my spell checker doesn't know
what it means. In the US, it means 1, followed up 45 zeros.
(In the UK it is 10^84, but I believe the website is American so I'm
sticking with ^45)
---------------
I disabled as many services as I could reasonably tolerate. I removed
world rights to as much as I could think. I did everything I could think
of to make each VPS effectively useless except for running a Tor relay.

My firewall matched my Reduced Exit Policy, plus my "secret" ssh port.

----
I never thought about the honey-pot... That's a good one.


Speak Freely
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays