[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] My VPS relay has just been hacked



For what it's worth, there's an operational security document on the Tor
wiki:

https://trac.torproject.org/projects/tor/wiki/doc/OperationalSecurity

However, that document covers more advanced techniques mostly intended
for serious attackers such as government agencies. Others have already
mentioned to you the simplest options, which should keep you safe from
automated botnet hackers. These include: allow only public key
authentication on SSH, use fail2ban or sshguard, update frequently, and
don't run anything unnecessary (a torrent client, an HTTP/FTP server).

Some relevant links:

https://help.ubuntu.com/community/SSH/OpenSSH/Keys (if you're only going
to read/do one thing, make it this)

https://www.debian.org/doc/manuals/securing-debian-howto/index.en.html#contents

-Libertas
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays