Re: [Full-disclosure] Tool Release - Tor Blocker
- From: Michael Holstein <michael.holstein@xxxxxxxxxxx>
- Date: Mon, 05 Jun 2006 09:18:27 -0400
Recently our servers were hacked by a tor user and we were unable to prosecute due to not being able to trace the source as the user was using this malicious piece of software to keep his/her anonymity.
TOR isn't malicious. Privacy is a precious thing these days.
Don't blame TOR because you failed to secure your Apache install. Your .sig line is funny, considering just blocking TOR with a 403 is really just smoke and mirrors.
To mitigate most tor attackers we've written an apache module designed to give tor users a 403 error when visiting a specific website. We suggest all administrators whom do not wish a malicious tor user to visit and possibly deface their website to enable the usage of this module. This may not get all attackers, but hopefully it raises the security bar just a little bit more to safeguard ourselves from hackers.
Why not just use mod_access_rbl and something like : http://www.ahbl.org/notices/tor.php
/mike.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- References:
- [Full-disclosure] Tool Release - Tor Blocker
- From: Jason Areff
- [Full-disclosure] Tool Release - Tor Blocker
- Prev by Date: Re: [Full-disclosure] Multiple Vendor NTFS Data Stream Malware Stealth Technique
- Next by Date: [Full-disclosure] Personal Information Disclosure/Account Hijacking Vulerability in mafia online games
- Previous by thread: Re: [Full-disclosure] Tool Release - Tor Blocker
- Next by thread: Re: [Full-disclosure] Tool Release - Tor Blocker
- Index(es):
Relevant Pages
|
