Re: [Full-disclosure] Tool Release - Tor Blocker



Recently our servers were hacked by a tor user and we were unable to prosecute due to not being able to trace the source as the user was using this malicious piece of software to keep his/her anonymity.

TOR isn't malicious. Privacy is a precious thing these days.

Don't blame TOR because you failed to secure your Apache install. Your .sig line is funny, considering just blocking TOR with a 403 is really just smoke and mirrors.

To mitigate most tor attackers we've written an apache module designed to give tor users a 403 error when visiting a specific website. We suggest all administrators whom do not wish a malicious tor user to visit and possibly deface their website to enable the usage of this module. This may not get all attackers, but hopefully it raises the security bar just a little bit more to safeguard ourselves from hackers.

Why not just use mod_access_rbl and something like : http://www.ahbl.org/notices/tor.php

/mike.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • Re: Browser versus Java URLConnection
    ... so that a website generally behaves ... I see that Tor has already answered. ... afraid. ...
    (comp.lang.java.programmer)
  • Re: Using Tor in Firefox
    ... I don't want to use Tor for all my website ... connections but there are certain websites that I want to use Tor, ... activate the Firefox button. ...
    (Ubuntu)
  • Response to a question of a year ago :)
    ... There was this question on this group a long time ago about someone who was using tor to access a website and found a police warning saying that it had been shut down and invited him to report himself in, to much of his amazement the warning was written in his little spoken language, even though his IP was anonymous. ...
    (alt.privacy)
  • Javacript and IP with Tor.
    ... Am I right in thinking that if using Tor and Privoxy and JavaScript one's IP cannot be discovered by the website one is connecting to UNLESS you also have Java enabled. ...
    (alt.privacy)
  • Re: Something to read
    ... Truecrypt, http://www.truecrypt.org/downloads ... These programs offer a good degree of both anonymity and privacy. ... Tor, then it seems like a way to hide what you are doing. ... One of the most useful attributes of Tor are its hidden services. ...
    (alt.privacy)