Re: Tool Release - Tor Blocker

[Andrew Farmer <andfarm () gmail com>]

On 02 Jun 06, at 21:47, str0ke wrote:
> Umm what about the new ip addresses that are added to the tor network?
>
> http://serifos.eecs.harvard.edu/cgi-bin/exit.pl? 
> sortbw=1&addr=1&textonly=1
>
> This wouldn't really be a complete fix.

Not to mention that:

1] Some of the IP addresses in this module won't be matched properly,  
as they
   contain leading spaces.

2] More importantly, this module could be replaced with some extra  
Apache
   configuration (Deny stanzas), or by iptables configuration,  
assuming you
   aren't brain-dead enough to run a web server under Windows.

3] Even more importantly, this module's author fails to recognize the  
existence
   of anonymous HTTP proxies, which are - if anything - easier and  
more commonly
   used than TOR.

4] Even MORE importantly, this module's author fails to recognize the  
importance
   of hardening a server against attacks, rather than trying (and  
failing) to
   block possible sources of attack.

Attachment: PGP.sig
Description: This is a digitally signed message part

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/