[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
There is a possibility of parsing log of IPS a do actions with the policies.
On 05.10.2016 16:03, Andreas Krey wrote:
> Everything to the OR port needs to pass in, esp. when you act as a
> guard, and fail2banning the ssh port, hmm. Everything else is closed
> anyway.
What I meant is that I can see a use for automation when it comes to
securing a server -- not necessarily a dedicated Tor node, which, like
you correctly mentioned, probably only has ports for SSH and Tor opened
anyway -- from malicious inbound traffic.
Outbound traffic is a different beast. In a Tor server context, I don't
see what kind of automation might be able to generate policies. Also, I
don't like the idea of automated (self-)censorship on Tor exits.
-Ralph
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays