Hi Craig,
Fail2Ban, key only login, firewall, and timely updates will probably cover 99% of your risks (although I'd also suggest disabling / removing any unused services), however if you want to go further this is an excellent guide to linux security; http://crunchbang.org/forums/viewtopic.php?id=24722 . Cheers, Dan On 2014-02-06 07:04, Craig C-S wrote: > Thanks all for the advice! > > Things to do: > - I'll be looking to run Moxie Marlinspike's knockknock daemon soon as that > seems like a superior solution to port knocking and rate limiting. (big fan > of his work on TextSecure and RedPhone!) > - Run OpenSSH as a hiddenservice. This seems obvious now but had not occurred > to me. > - Look into Fail2Ban and DenyHosts and implement them. > > Done and thank you for the reminders! > - Automated daily updates via emerge > - Server hardening done with hardened-gentoo > - Moved to key auth for ssh > > Alan: > I'll keep you and the community updated if soyoustart.com [2] (OVH) has any > problem with the exit. Beyond forgetting to ban exits to 25 they have not > said anything! > > Thanks Alan, David and Robert! > > Craig > > On Wed, Feb 5, 2014 at 5:12 PM, I <beatthebasta...@inbox.com> wrote: > >> Also, if you know how set the operating system to update automatically to >> keep it secure. >> >> Robert >> >> _______________________________________________ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays [1] > > _______________________________________________ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays [1] -- Dan Rogers +44 7539 552349 skype: dan.j.rogers gpg key [3] linkedin [4] | songkick [5] | twitter [6] | spotify [7] | music [8] Links: ------ [1] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays [2] http://soyoustart.com [3] https://secure.techwang.com/gpg/public_key.txt [4] http://www.linkedin.com/in/danrogerslondon [5] http://www.songkick.com/users/music-is-math [6] http://twitter.com/danjrog [7] http://open.spotify.com/user/bonkbonkonk [8] http://holdingitwrong.com
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
