Hi Shawn,
I looked at HardenedBSD and have actually moved to a different VPS so that can I use HBSD. FreeBSD was the only option I had at the time but both instances crashed repeatedly and it got so frustrating that I gave up on FreeBSD. I will give HardenedBSD a go.
Cheers, Dan
Sent from ProtonMail for iOS
On Wed, Mar 31, 2021 at 10:12 AM, Shawn Webb shawn.webb@hardenedbsd.org wrote:
On Wed, Mar 31, 2021 at 01:09:45PM +0200, René Ladan wrote:
On 30-03-2021 15:47, Shawn Webb wrote:
On Tue, Mar 30, 2021 at 02:36:36AM +0000, xplato wrote:
Greetings,
I am a bit of a noob here so please bear with me. I ran a relay using Ubuntu with very few issues however I decide to add an additional relay and decided to use FreeBSD. They will only run for around 18 hours and then they shut down. I have adjust the torrc file every way I know how and increased the Max vnodes thinking this may have been my issue. I can post the sysrc and torrc if needed. Anyone that might help me figure this out I would be grateful otherwise I am going to reluctantly move them both back to Ubuntu.
Emerald Onion runs over twenty Tor exit nodes on HardenedBSD 12 and 13. Given Tor's need for security, you might want to consider using HardenedBSD, a derivative of FreeBSD that implements exploit mitigations and security hardening technologies. FreeBSD's state of security leaves much to be desired. Tor's relay operators and users really should at least have exploit mitigations like ASLR and W^X applied.
But it won't fix the problem at hand, unless memory management in HardenedBSD is different than in FreeBSD.
Memory management is indeed different in HardenedBSD than in FreeBSD. HardenedBSD implemented a clean-room version of grsecurity's PaX ASLR. FreeBSD's version of ASLR, more appropriately called ASR, has known issues. HardenedBSD's does not.
Thanks,
-- Shawn Webb Cofounder / Security Engineer HardenedBSD
https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4... _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays