[tor-bugs] #13703 [Tor]: Adding doc/HARDENING
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Nov 7 17:02:48 UTC 2014
#13703: Adding doc/HARDENING
----------------------------------------------+----------------------------
Reporter: mmcc | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Tor | Version: Tor:
Keywords: hardening, security, opsec, docs | unspecified
Parent ID: | Actual Points:
| Points:
----------------------------------------------+----------------------------
The two text files currently in the doc directory are doc/HACKING and
doc/TUNING. The latter is the only one that deals with relay operation,
and its subject is oddly specific: increasing the maximum number of file
descriptors. If we're going to put critical documentation in the codebase,
I think it would also be worthwhile to have a basic hardening guide. It
could include suggestions like:
* allowing only public key non-root SSH login
* using a firewall
* keeping your system up-to-date
* not running any other programs (especially networked ones)
* considering hardened or security-focused OS choices
Nick suggested that most of the actual information be contained in
referenced links, which I agree with. There's no good reason to duplicate
effort when there are, for example, so many good SSH hardening guides.
Let me know what you think, or if you have any contributions. If this is
generally considered a good idea, I can start writing a draft.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13703>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list