LA_FORGE hat geschrieben:These addresses are used as an yacy-internal identifier and are not resolvable/reachable on the internet.
However, they do uniquely identify a host within yacy network, right? So what I'm trying to understand is what are those hosts trying to do, and this does not necessarily mean I'm suspecting of someone's bad behaviour. I would just like to understand it, maybe know which yacy functionality from other peer results in those kind of connections. If I want to customize modsecurity, I have to make sure I know which are the good connections, which aren't. Just that.
LA_FORGE hat geschrieben:I`m working as an security engineer and I'm participating over 6 years in the YaCy Community. I`m able to assure that YaCy doesn't have any spy or phonehome features built in. When you sceptical about your security I recommend to install an intrusion detection system such as Snort.
By no means was I sugesting the existence of such features in yacy. My line of thought goes more in the direction of realizing which tweaks I need to do either in my yacy peer and modsecurity.
I'm very glad to hear that you and others are working on to improve yacy even more, and security, those days, is certainly an area that deserves attention.
Please take note that I'm a strong believer of yacy and it's not for other reason that I'm running 24 x 7, for more than six months now, my own peer in senior mode.
Finally, thanks for the tip on Snort. I didn't know that tool and will consider using it.