[tor-relays] does it make sense to close unused ports at a tor relay with iptables ?

Green Dream greendream848 at gmail.com
Thu Apr 28 18:25:41 UTC 2016


> The likes of GRC.COM <http://grc.com/> make you think that any port not blocked... is bad.
> I wondered why if nothing there

Because there is a difference between a closed port and a filtered port.
Deny vs drop. The less of a fingerprint you offer to attackers, the better.
It's security by obscurity to an extent, but even a response from a closed
port can give away clues about the software, OS and network stack that's
running.