[tor-relays] Intrusion Prevention System Software - Snort or Suricata
Ralph Seichter
tor-relays-ml at horus-it.de
Wed Oct 5 15:18:52 UTC 2016
On 05.10.2016 16:03, Andreas Krey wrote:
> Everything to the OR port needs to pass in, esp. when you act as a
> guard, and fail2banning the ssh port, hmm. Everything else is closed
> anyway.
What I meant is that I can see a use for automation when it comes to
securing a server -- not necessarily a dedicated Tor node, which, like
you correctly mentioned, probably only has ports for SSH and Tor opened
anyway -- from malicious inbound traffic.
Outbound traffic is a different beast. In a Tor server context, I don't
see what kind of automation might be able to generate policies. Also, I
don't like the idea of automated (self-)censorship on Tor exits.
-Ralph
More information about the tor-relays
mailing list