Re: [Full-disclosure] Tool Release - Tor Blocker

Jason Areff Sat, 03 Jun 2006 07:32:51 -0700

It is really unfortunate that most people that replied to this feel the need to be haughty in their responses. I was simply trying to create a tool to give back to the community. Our servers were comprimised by a tor user and I saw the need to do my best to blacklist such users. If this is not your need, then please respond to me personally with any suggestions you may have, but do not start a public flame war like you are attempting.

Jason Areff
CISSP, A+, MCSE, Security+

----------
security through obscurity isnt security
----------

On 6/3/06, [EMAIL PROTECTED] <[EMAIL PROTECTED] > wrote:

On Fri, 02 Jun 2006 23:47:38 CDT, str0ke said:
> Umm what about the new ip addresses that are added to the tor network?
>
> http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?sortbw=1&addr=1&textonly=1

Ahh.. there we go. Now a wget of that every once in a while, and a little
bit of Perl kung-foo to build an 'addrs.h' file that gets #include'ed and
then rebuild the module, and we're getting closer. ;)

(And don't forget to throw out any alleged exit addresses in your own
address space, and any other addresses you really don't want to block.
It's embarassing when a clever hacker uses your own security routines to
DoS you ;)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Tool Release - Tor Blocker

Reply via email to