[Dev] [consensus][due: 2016-08-10] increasing security in Parabola, servers

pelzflorian (Florian Pelz) pelzflorian at pelzflorian.de
Wed Aug 3 07:29:42 GMT 2016

On 08/02/2016 11:42 PM, coadde wrote:
> OK, DNSCrypt is not recommended.
> VPN is useless as security, but use VPN like SSH is better option.

Would someone use a VPN offered by the server (other than SSH itself)?
Is it needed/useful to someone?

> TOR is needed only for output network (like downloads), but not as a
> server (for input networks)

TOR is probably better than no TOR for downloads. The added secrecy
still probably is not that important for a Parabola server, but if you
are willing to set it up, I won’t say no. It may make some targeted
attacks harder.

> IPv6 privacy extensions is only useful with link-local networks (fe80::).
> link-local network is only useful with local networks, i prefer to
> disable it for security.

I don’t understand how it adds security here. Parabola servers don’t
need to avoid tracking their IP, do they? Especially if you add TOR for
downloads. Do you mean that other devices in the same local network need
more effort to attack the Parabola server?

Thank you for your work on this.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20160803/be74586d/attachment.sig>

More information about the Dev mailing list