[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Tool Release - Tor Blocker

To: Jason Areff <hailtheczar@xxxxxxxxx>
Subject: Re: [Full-disclosure] Tool Release - Tor Blocker
From: Tonnerre Lombard <tonnerre.lombard@xxxxxxxxxx>
Date: Sat, 03 Jun 2006 13:22:00 +0200

Salut,

On Sat, 2006-06-03 at 00:21 -0400, Jason Areff wrote:
> It has come to our attention that the majority of tor users are not
> actually from china but are rather malicious hackers that (ab)use it
> to keep their anonymity.

At this point, I would like to ask you not to use this tool in the wild.
There is a whole lot of legitimate Tor users out there, and there are
enough reasons to use Tor for purposes other than splatting other
machines. For example (those applicable to me):

 * When I'm in the European Parliament, Tor is one of the only methods
   other than a VPN on port 80 to actually get traffic in and out. This
   again is helpful to have live communication of decisions/debates and
   to interact in a sensible way.
 * When I'm in the European Union, I don't want to be a suspected
   terrorist because I talk to my friends in Pakistan, Israel, Brazil,
   Honduras, Cuba etc. (about the latest NetBSD development etc. by the
   way)
 * Some of my security research usually gets me on the black lists of
   some federal police blah etc. because they consider everyone
   searching for that a terrorist. Yet I do it mostly to be up to date
   on certain developments in terms of security.

There are many more reasons which I also wrote a number of articles
about in various magazines and on various websites. There are a couple
of abusers of Tor, for sure. But by blocking them, you are also
preventing us from making legal use of this nice tool. And it really is
a nice tool.

Another thing to consider is:

Most of the attacks on your server are coming from the Internet, just
like a lot of SPAM, port scans, etc. There is little legitimate traffic,
as opposed to the local network where a lot of employees and backup
servers etc. are doing their work and nearly 80% of the traffic are
actually legitimate. Why not block the Internet then? Most of the time
you don't get the bastard spamass anyway.

                                Tonnerre
-- 
SyGroup GmbH
Tonnerre Lombard

Loesungen mit System
Tel:+41 61 333 80 33    Roeschenzerstrasse 9
Fax:+41 61 383 14 67    4153 Reinach
Web:www.sygroup.ch      tonnerre.lombard@xxxxxxxxxx

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Tool Release - Tor Blocker
  - From: John Sprocket

References:
- [Full-disclosure] Tool Release - Tor Blocker
  - From: Jason Areff

Prev by Date: [Full-disclosure] Blackhat USA 2006 - Review , remarks and proposal agenda
Next by Date: Re: re : [Full-disclosure] n3td3v agenda revealed
Previous by thread: Re: [Full-disclosure] Tool Release - Tor Blocker
Next by thread: Re: [Full-disclosure] Tool Release - Tor Blocker
Index(es):
- Date
- Thread