[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-disclosure] Blocking Tor is not the right way forward. It may just be the right way backward.
- To: "Joel Jose" <joeljose420@xxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: RE: [Full-disclosure] Blocking Tor is not the right way forward. It may just be the right way backward.
- From: "Ali-Reza Anghaie" <ali@xxxxxxxxxxxxxxx>
- Date: Sat, 3 Jun 2006 01:24:43 -0400
Forget hackers versus 'freedom', etc. for a moment. I'm trying to figure
out why a server or firewall administrator would subject themselves to
semi-dynamic rules by using a resource like
http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?textonly=1 in the first
place.
Lets see... wait for the first time ~that site~ gets compromised and you
pull a nice list of address space for major ISPs. Or when Tor servers
are run on/NAT at the border and the IPs are the same as a major
'legitimate' proxies. Or you pull a poisoned DNS record and don't see
that site at all but get a nicely planted fake list.
Yeah, a majority of 'abusers' aren't going to go to great length but
then again that majority aren't the people you're worried about in the
first place.
I say if you have the excess energy audit code, fuzz, install
application protocol proxies, etc. and don't bother with blacklists.
-Ali
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/