1
0
Fork 0
mirror of https://git.sr.ht/~seirdy/seirdy.one synced 2024-11-15 09:52:10 +00:00
seirdy.one/content/notes/mullvad-audit.md
2022-06-26 22:10:34 -07:00

687 B

title date
Mullvad audit 2022-06-26T22:10:33-07:00

Mullvad's recent audit by Assured AB was a bit concerning to me. Fail2ban and user-writable scripts running as root is not the sort of thing I'd expect in a service whose only job is to provide a secure relay.

Avoiding and guarding root should be Sysadmin 101 material.

I recommend any amateur Linux admins read audit reports like this. While some low-priority recommendations are a but cargo-cultish, most advice is pretty solid. Frankly, much of this is the sort of thing a good admin should catch well before a proper audit.