Jason Areff wrote: > To mitigate most tor attackers we've written an apache module designed > to give tor users a 403 error when visiting a specific website. We > suggest all administrators whom do not wish a malicious tor user to > visit and possibly deface their website to enable the usage of this > module. This may not get all attackers, but hopefully it raises the > security bar just a little bit more to safeguard ourselves from hackers.
Why write code when you can use what already exists? TORbl: http://www.ahbl.org/docs/torbl.php Apache mod_access_rbl: http://www.blars.org/mod_access_rbl.html -naif _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
