lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat Jun  3 12:22:12 2006
From: tonnerre.lombard at sygroup.ch (Tonnerre Lombard)
Subject: Tool Release - Tor Blocker

Salut,

On Sat, 2006-06-03 at 00:21 -0400, Jason Areff wrote:
> It has come to our attention that the majority of tor users are not
> actually from china but are rather malicious hackers that (ab)use it
> to keep their anonymity.

At this point, I would like to ask you not to use this tool in the wild.
There is a whole lot of legitimate Tor users out there, and there are
enough reasons to use Tor for purposes other than splatting other
machines. For example (those applicable to me):

 * When I'm in the European Parliament, Tor is one of the only methods
   other than a VPN on port 80 to actually get traffic in and out. This
   again is helpful to have live communication of decisions/debates and
   to interact in a sensible way.
 * When I'm in the European Union, I don't want to be a suspected
   terrorist because I talk to my friends in Pakistan, Israel, Brazil,
   Honduras, Cuba etc. (about the latest NetBSD development etc. by the
   way)
 * Some of my security research usually gets me on the black lists of
   some federal police blah etc. because they consider everyone
   searching for that a terrorist. Yet I do it mostly to be up to date
   on certain developments in terms of security.

There are many more reasons which I also wrote a number of articles
about in various magazines and on various websites. There are a couple
of abusers of Tor, for sure. But by blocking them, you are also
preventing us from making legal use of this nice tool. And it really is
a nice tool.

Another thing to consider is:

Most of the attacks on your server are coming from the Internet, just
like a lot of SPAM, port scans, etc. There is little legitimate traffic,
as opposed to the local network where a lot of employees and backup
servers etc. are doing their work and nearly 80% of the traffic are
actually legitimate. Why not block the Internet then? Most of the time
you don't get the bastard spamass anyway.

				Tonnerre
-- 
SyGroup GmbH
Tonnerre Lombard

Loesungen mit System
Tel:+41 61 333 80 33    Roeschenzerstrasse 9
Fax:+41 61 383 14 67    4153 Reinach
Web:www.sygroup.ch      tonnerre.lombard@...roup.ch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 824 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060603/f4b8d772/attachment.bin

Powered by blists - more mailing lists