[Dev] [consensus][due: 2016-08-10] increasing security in Parabola, servers
coadde
coadde at riseup.net
Tue Aug 2 21:42:29 GMT 2016
On 08/02/2016 05:08 AM, pelzflorian (Florian Pelz) wrote:
> On 08/01/2016 11:52 PM, Luke wrote:
>> On 07/30/2016 11:24 PM, coadde wrote:
>>> * Add TOR, DNSCrypt and VPN to increase security.
>> I could see a TOR Hidden Service and/or VPN into the server for
>> developers as being useful. However, unless we are planning to surf
>> around using the main server as a VPN (probably not a good idea?) there
>> isn't much need for DNSCrypt as others mentioned. This can be done
>> client-side.
>
> Why use a TOR Hidden Service? Hidden Services hide the server, not the
> client, and the Parabola server does not need to be hidden. TOR should
> be installed on the client, not the server.
>
> Similarly, IPv6 privacy extensions are not needed for a public server.
>
> I’m not quite sure what the plan was about VPN. Do you want the server
> to be a VPN client or a VPN server?
OK, DNSCrypt is not recommended.
VPN is useless as security, but use VPN like SSH is better option.
TOR is needed only for output network (like downloads), but not as a
server (for input networks)
IPv6 privacy extensions is only useful with link-local networks (fe80::).
link-local network is only useful with local networks, i prefer to
disable it for security.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20160802/d5575eca/attachment.sig>
More information about the Dev
mailing list