On Wed, Jun 18, 2014 at 3:01 AM, Alexander Fortin alexander.fortin@gmail.com wrote:
On 17. Juni 2014 at 23:56:43, Zack Weinberg (zackw@cmu.edu) wrote:
It would be nice if exit-relay mode enabled an HTTP "exit notice" as described at https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment.
Point 4 says: "If you run your DirPort on port 80”. Should it be enabled only when DirPort = 80?
Best practice as I understand it is that you should have an exit notice on all exit relays. What I'm not sure of is whether "DirPort 80 + DirPortFrontPage" is the recommended way to accomplish that. The CMU Tor exit uses a separate lighttpd install, I think primarily because we didn't know about DirPortFrontPage when we set it up. I can make a case either way - less software = less attack surface; separate install = compartmentalization.
As long as we're talking about exits, a nice touch would be to include the reduced exit policy as an option ( https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy ); the ideal would be a three-way choice of not an exit / wide-open exit / reduced exit (no email or BitTorrent) plus a place to add local exit rules.
Tor relays get pounded on by the script kiddies -- a degree of hardening is appropriate. I don't know if there are any stock Puppet "tighten security" modules [...]
I don’t know of any such ‘security silver bullet module’ I am afraid :)
I poked around in the Puppet module archive and found some; I'm not sure how good they are, though.
About the security enhancements, they are definitely interesting, but to me seems they are out of the scope of the ‘install relay’ Puppet module itself, and also against the usual modular approach of Puppet modules. First, my understanding is that having a node with only Tor running is suggested, but not mandatory, but in any case, those enhancements are more suitable for a separate 'tor-security’ like module that one may or may not be interested in.
Yeah, I think if I were building this (regrettably, I don't have time to help more than I already have) there would be a "just install the software with configuration X" module, and then a "image this entire machine as a Tor relay" module that set up everything one might want.
zw