Re: [Full-disclosure] Tool Release - Tor Blocker

It is really unfortunate that most people that replied to this feel the need
to be haughty in their responses. I was simply trying to create a tool to
give back to the community. Our servers were comprimised by a tor user and I
saw the need to do my best to blacklist such users. If this is not your
need, then please respond to me personally with any suggestions you may
have, but do not start a public flame war like you are attempting.


Jason Areff
CISSP, A+, MCSE, Security+


----------
security through obscurity isnt security
----------



On 6/3/06, Valdis.Kletnieks@vt.edu <Valdis.Kletnieks@vt.edu> wrote:
> On Fri, 02 Jun 2006 23:47:38 CDT, str0ke said:
> > Umm what about the new ip addresses that are added to the tor network?
> >
> >
> http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?sortbw=1&addr=1&textonly=1
>
> Ahh.. there we go.  Now a wget of that every once in a while, and a little
> bit of Perl kung-foo to build an 'addrs.h' file that gets #include'ed and
> then rebuild the module, and we're getting closer. ;)
>
> (And don't forget to throw out any alleged exit addresses in your own
> address space, and any other addresses you really don't want to block.
> It's embarassing when a clever hacker uses your own security routines to
> DoS you ;)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/