[tor-relays] Intrusion Prevention System Software - Snort or Suricata
oconor at email.cz
oconor at email.cz
Thu Oct 6 10:12:38 UTC 2016
There is a possibility of parsing log of IPS a do actions with the policies.
"On 05.10.2016 16:03, Andreas Krey wrote:
> Everything to the OR port needs to pass in, esp. when you act as a
> guard, and fail2banning the ssh port, hmm. Everything else is closed
> anyway.
What I meant is that I can see a use for automation when it comes to
securing a server -- not necessarily a dedicated Tor node, which, like
you correctly mentioned, probably only has ports for SSH and Tor opened
anyway -- from malicious inbound traffic.
Outbound traffic is a different beast. In a Tor server context, I don't
see what kind of automation might be able to generate policies. Also, I
don't like the idea of automated (self-)censorship on Tor exits.
-Ralph
_______________________________________________
tor-relays mailing list
tor-relays at lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20161006/f063d3c2/attachment.html>
More information about the tor-relays
mailing list