Thanks all for the advice!

Things to do:
- I'll be looking to run Moxie Marlinspike's knockknock daemon soon as that seems like a superior solution to port knocking and rate limiting. (big fan of his work on TextSecure and RedPhone!)
- Run OpenSSH as a hiddenservice.  This seems obvious now but had not occurred to me.
- Look into Fail2Ban and DenyHosts and implement them.

Done and thank you for the reminders!
- Automated daily updates via emerge
- Server hardening done with hardened-gentoo
- Moved to key auth for ssh

Alan:
I'll keep you and the community updated if soyoustart.com (OVH) has any problem with the exit.  Beyond forgetting to ban exits to 25 they have not said anything!

Thanks Alan, David and Robert!

Craig




On Wed, Feb 5, 2014 at 5:12 PM, I <beatthebastards@inbox.com> wrote:
Also, if you know how set the operating system to update automatically to keep it secure.

Robert


_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays