[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] iptables / dump

To: <tor-relays@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-relays] iptables / dump
From: Sebastian Urbach <sebastian@xxxxxxxxxx>
Date: Sat, 15 Nov 2014 18:05:45 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 15 Nov 2014 12:05:59 -0500
In-reply-to: <CAHZ_Ajsf_AWmv6n5qZTOpj0uYqiRXpASoJTZGYAaNp2yxR_jCQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <14999cbc648.27ae.e04ee758f2dadc1889b5b423dda555f9@xxxxxxxxxx> <546703ED.8040005@xxxxxxx> <149b2d84bc0.27ae.e04ee758f2dadc1889b5b423dda555f9@xxxxxxxxxx> <CAHZ_Ajsf_AWmv6n5qZTOpj0uYqiRXpASoJTZGYAaNp2yxR_jCQ@xxxxxxxxxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 AquaMail/1.5.0.19 (build: 2100846)

On November 15, 2014 1:53:50 PM eric gisse <jowr.pi@xxxxxxxxx> wrote:

Hi,

Sebastian, how do you distinguish between the usual low level noise of
ssh brute force bots out there from more invasive attacks?


There is a bunch of other software (ids etc.) for that.

Because this list is most likely just a bunch of internet background noise.


It is, thats why i wrote "usual suspects" ;-)

Honestly, the safest thing to do is to NOT USE PASSWORD BASED LOGINS.
But what would be even better is to firewall ssh out so you can't get
in except from specific ips and/or through say port knocking.

Im aware of that but the sad truth is that i have to make some compromiseseven if i really don't like them :-(


But that is a whole other story, i'm afraid.

Sebastian


_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] iptables / dump
  - From: Sebastian Urbach
- Re: [tor-relays] iptables / dump
  - From: Ch'Gans
- Re: [tor-relays] iptables / dump
  - From: Sebastian Urbach
- Re: [tor-relays] iptables / dump
  - From: eric gisse

Prev by Author: Re: [tor-relays] iptables / dump
Next by Author: Re: [tor-relays] FYI: ISP's and blocked Authorities
Previous by thread: Re: [tor-relays] iptables / dump
Next by thread: Re: [tor-relays] Node Operators Web Of Trust (Spencer Rhodes)
Index(es):
- Author
- Thread