[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Tool Release - Tor Blocker
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Tool Release - Tor Blocker
- From: "Marco Ermini" <markoer@xxxxxxxxxxx>
- Date: Sun, 4 Jun 2006 01:31:10 +0200
On 6/4/06, Bill Weiss <houdini+full-disclosure@xxxxxxxxxxxx> wrote:
[...]
1) Where did you get that list from? The Tor server I run (which has
been up continually for over a year) isn't in it.
2) Some of us use our Tor servers for "legitimate" traffic as well.
You'll block all of that traffic. Are you sure you don't want the
traffic of the 50+ people who use this server?
That's the same for me...
3) I think you've just suggested giving a webpage (one which may be
hostile towards your goals) control over who can and cannot access your
web server. What happens if one day that CGI hands you a list containing
every IP in your /24? I know that, if I ran said webpage, I would be
tempted to do so every once in a while.
Even if you're looking for addresses in your own address space, what
about other useful pages? Business partners, customers, etc.
4) As others have pointed out, bad choice of a signature for the
beginning of this thread :)
5) Rebuilding (reinserting, etc) the module every time the nodes list
changed (> 1 / day) would suck.
And these points are good, too.
Cheers
--
Marco Ermini
Dubium sapientiae initium. (Descartes)
root@human # mount -t life -o ro /dev/dna /genetic/research
http://www.markoer.org/ - https://www.linkedin.com/in/marcoermini
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/