Thanks all for the advice!
Things to do: - I'll be looking to run Moxie Marlinspike's knockknock daemon soon as that seems like a superior solution to port knocking and rate limiting. (big fan of his work on TextSecure and RedPhone!) - Run OpenSSH as a hiddenservice. This seems obvious now but had not occurred to me. - Look into Fail2Ban and DenyHosts and implement them.
Done and thank you for the reminders! - Automated daily updates via emerge - Server hardening done with hardened-gentoo - Moved to key auth for ssh
Alan: I'll keep you and the community updated if soyoustart.com (OVH) has any problem with the exit. Beyond forgetting to ban exits to 25 they have not said anything!
Thanks Alan, David and Robert!
Craig
On Wed, Feb 5, 2014 at 5:12 PM, I beatthebastards@inbox.com wrote:
Also, if you know how set the operating system to update automatically to keep it secure.
Robert
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays