RE: [Full-disclosure] Tool Release - Tor Blocker
- From: "Dixon, Wayne" <wcdixo@xxxxxxxxxxxxxxxx>
- Date: Mon, 5 Jun 2006 11:47:09 -0500
So why not have a file that it looks up instead of having to recompile
for every IP change, and look up the file on restart?
Wayne
-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Bill
Weiss
Sent: Saturday, June 03, 2006 6:16 PM
To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Tool Release - Tor Blocker
Valdis.Kletnieks@xxxxxx(Valdis.Kletnieks@xxxxxx)@Sat, Jun 03, 2006 at
12:59:31AM -0400:
On Fri, 02 Jun 2006 23:47:38 CDT, str0ke said:
Umm what about the new ip addresses that are added to the tor
network?
http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?sortbw=1&addr=1&textonly=1
Ahh.. there we go. Now a wget of that every once in a while, and a
little bit of Perl kung-foo to build an 'addrs.h' file that gets
#include'ed and then rebuild the module, and we're getting closer. ;)
(And don't forget to throw out any alleged exit addresses in your own
address space, and any other addresses you really don't want to block.
It's embarrassing when a clever hacker uses your own security routines
to DoS you ;)
Responding to Jason more than you, Valdis. Excuse me.
Several remarks:
1) Where did you get that list from? The Tor server I run (which has
been up continually for over a year) isn't in it.
2) Some of us use our Tor servers for "legitimate" traffic as well.
You'll block all of that traffic. Are you sure you don't want the
traffic of the 50+ people who use this server?
3) I think you've just suggested giving a webpage (one which may be
hostile towards your goals) control over who can and cannot access your
web server. What happens if one day that CGI hands you a list
containing every IP in your /24? I know that, if I ran said webpage, I
would be tempted to do so every once in a while.
Even if you're looking for addresses in your own address space, what
about other useful pages? Business partners, customers, etc.
4) As others have pointed out, bad choice of a signature for the
beginning of this thread :)
5) Rebuilding (reinserting, etc) the module every time the nodes list
changed (> 1 / day) would suck.
--
Bill Weiss
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
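The following is an added example, not code from the thread or from the Tor Blocker tool: one way to turn an untrusted, remotely fetched address list into a blocklist file that is re-read on restart, while dropping anything in address space you never want to block and rejecting a list that targets that space wholesale. The function names, the `max_protected_hits` threshold, the one-address-per-line format and the sample addresses (documentation ranges) are all assumptions.

```python
import ipaddress

# Constructed sample data (documentation ranges, not real Tor exit nodes).
NEVER_BLOCK = ["192.0.2.0/24", "198.51.100.16/28"]  # own space, a partner (assumed)
FETCHED = """\
203.0.113.5
203.0.113.77
192.0.2.10
not-an-address
198.51.100.20
203.0.113.5
"""

def build_blocklist(fetched_text, never_block, max_protected_hits=5):
    """Return (block, dropped) from an untrusted one-address-per-line list.

    Raises ValueError when so many entries fall inside protected space that
    the list looks hostile or broken; the caller then keeps the previous file.
    """
    protected = [ipaddress.ip_network(n) for n in never_block]
    block, dropped = set(), []
    for line in fetched_text.splitlines():
        token = line.strip()
        if not token:
            continue
        try:
            addr = ipaddress.ip_address(token)
        except ValueError:
            dropped.append((token, "unparseable"))
            continue
        if any(addr in net for net in protected):
            dropped.append((token, "protected"))
            continue
        block.add(addr)  # the set removes duplicate entries
    hits = sum(1 for _, why in dropped if why == "protected")
    if hits > max_protected_hits:
        raise ValueError(f"{hits} entries in protected space; rejecting update")
    return sorted(block, key=lambda a: (a.version, int(a))), dropped

def render(block):
    """Text of the file the filter re-reads on restart, one address per line."""
    return "".join(f"{a}\n" for a in block)

if __name__ == "__main__":
    block, dropped = build_blocklist(FETCHED, NEVER_BLOCK)
    print(render(block), end="")
    for token, why in dropped:
        print(f"# dropped {token}: {why}")
```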