Full Disclosure mailing list archives
RE: Tool Release - Tor Blocker
From: "Dixon, Wayne" <wcdixo () aurora lib il us>
Date: Mon, 5 Jun 2006 11:47:09 -0500
So why not have a file that it looks up instead of having to recompile for every IP change, and look up the file on restart? Wayne -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Bill Weiss Sent: Saturday, June 03, 2006 6:16 PM To: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Tool Release - Tor Blocker Valdis.Kletnieks () vt edu(Valdis.Kletnieks () vt edu)@Sat, Jun 03, 2006 at 12:59:31AM -0400:
On Fri, 02 Jun 2006 23:47:38 CDT, str0ke said:Umm what about the new ip addresses that are added to the tor network? http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?sortbw=1&addr=1&text only=1Ahh.. there we go. Now a wget of that every once in a while, and a little bit of Perl kung-foo to build an 'addrs.h' file that gets #include'ed and then rebuild the module, and we're getting closer. ;) (And don't forget to throw out any alleged exit addresses in your own address space, and any other addresses you really don't want to block.
It's embarassing when a clever hacker uses your own security routines to DoS you ;)
Responding to Jason more than you, Valdis. Excuse me. Several remarks: 1) Where did you get that list from? The Tor server I run (which has been up continually for over a year) isn't in it. 2) Some of us use our Tor servers for "legitimate" traffic as well. You'll block all of that traffic. Are you sure you don't want the traffic of the 50+ people who use this server? 3) I think you've just suggested giving a webpage (one which may be hostile towards your goals) control over who can and cannot access your web server. What happens if one day that CGI hands you a list containing every IP in your /24? I know that, if I ran said webpage, I would be tempted to do so every once in a while. Even if you're looking for addresses in your own address space, what about other useful pages? Business partners, customers, etc. 4) As others have pointed out, bad choice of a signature for the beginning of this thread :) 5) Rebuilding (reinserting, etc) the module every time the nodes list changed (> 1 / day) would suck. -- Bill Weiss _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Tool Release - Tor Blocker, (continued)
- Re: Tool Release - Tor Blocker Andrew Farmer (Jun 02)
- Re: Tool Release - Tor Blocker Valdis . Kletnieks (Jun 02)
- Re: Tool Release - Tor Blocker Jason Areff (Jun 03)
- Re: Tool Release - Tor Blocker Alexander Sotirov (Jun 03)
- Re: Tool Release - Tor Blocker Jacob Weeks (Jun 03)
- Re: Tool Release - Tor Blocker Tonnerre Lombard (Jun 03)
- RE: Tool Release - Tor Blocker php0t (Jun 03)
- Re: Tool Release - Tor Blocker Bill Weiss (Jun 03)
- Re: Tool Release - Tor Blocker Bill Weiss (Jun 03)
- Re: Tool Release - Tor Blocker Marco Ermini (Jun 03)
- RE: Tool Release - Tor Blocker Dixon, Wayne (Jun 05)
- Re: Tool Release - Tor Blocker John Sprocket (Jun 03)
- Re: Tool Release - Tor Blocker mz4ph0d (Jun 05)
- Re: Tool Release - Tor Blocker Tonnerre Lombard (Jun 03)
- Re: Tool Release - Tor Blocker Jason Areff (Jun 03)