Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] Tool Release - Tor Blocker

from [Tonnerre Lombard] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] Tool Release - Tor Blocker
Date: Sat, 03 Jun 2006 13:22:00 +0200 
Salut,

On Sat, 2006-06-03 at 00:21 -0400, Jason Areff wrote:

It has come to our attention that the majority of tor users are not
actually from china but are rather malicious hackers that (ab)use it
to keep their anonymity.


At this point, I would like to ask you not to use this tool in the wild.
There is a whole lot of legitimate Tor users out there, and there are
enough reasons to use Tor for purposes other than splatting other
machines. For example (those applicable to me):

 * When I'm in the European Parliament, Tor is one of the only methods
   other than a VPN on port 80 to actually get traffic in and out. This
   again is helpful to have live communication of decisions/debates and
   to interact in a sensible way.
 * When I'm in the European Union, I don't want to be a suspected
   terrorist because I talk to my friends in Pakistan, Israel, Brazil,
   Honduras, Cuba etc. (about the latest NetBSD development etc. by the
   way)
 * Some of my security research usually gets me on the black lists of
   some federal police blah etc. because they consider everyone
   searching for that a terrorist. Yet I do it mostly to be up to date
   on certain developments in terms of security.

There are many more reasons which I also wrote a number of articles
about in various magazines and on various websites. There are a couple
of abusers of Tor, for sure. But by blocking them, you are also
preventing us from making legal use of this nice tool. And it really is
a nice tool.

Another thing to consider is:

Most of the attacks on your server are coming from the Internet, just
like a lot of SPAM, port scans, etc. There is little legitimate traffic,
as opposed to the local network where a lot of employees and backup
servers etc. are doing their work and nearly 80% of the traffic are
actually legitimate. Why not block the Internet then? Most of the time
you don't get the bastard spamass anyway.

                                Tonnerre
-- 
SyGroup GmbH
Tonnerre Lombard

Loesungen mit System
Tel:+41 61 333 80 33    Roeschenzerstrasse 9
Fax:+41 61 383 14 67    4153 Reinach
Web:www.sygroup.ch      tonnerre.lombard@sygroup.ch

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-disclosure] Blackhat USA 2006 - Review , remarks and proposal agenda, newslist@security-briefings.com
Next by Date:  Re: re : [Full-disclosure] n3td3v agenda revealed, n3td3v
Previous by Thread:  Re: [Full-disclosure] Tool Release - Tor Blocker, Valdis . Kletnieks
Next by Thread:  Re: [Full-disclosure] Tool Release - Tor Blocker, John Sprocket
Indexes:  [Date] [Thread] [Top] [All Lists]