lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue Jun 6 13:18:46 2006 From: sol at haveyoubeentested.org (Sol Invictus) Subject: Re: blocking tor is not the right way forward. It may just be the right way backward. There is one simple (from management's point of view) way to solve this issue. DEFAULT DENY and monitor everything else. That way whenever someone uses a legitimate path for something not legit, it will be caught. Why do you think they posted guards at the gates of old castles? Create the chokepoint and search everyone. Sol. Joel Jose wrote: > see, its pitty how we dont understand that we are trying to defend > using the wrong principles. > > just like the other poster pointed out.. protect your data == plug > holes + preserve + restore data.. != go for a witch hunt. > > moreover.. we when "blocking" tor and denying access are assuming 3 > things : > 1) tor cannot be recreated(dont bet on that.. imagine a tor-2 network > which corrects(takes different policy measures) the blacklisting > facility, if we hold the rope so tight as to choke.. the privacy > people and the community will come up with a better and more effective > tool.. ) > 2) scarce resources is the way forward. Cmon public open proxies, tor > like public projects..etc are not "scarce" resource for the attacker.. > but it is a scarce resource for the users... dont get fooled.. > ofcourse all it takes for a determined(and well funded) attacker is > "shift" his cables to get onto a different network to attack you ;) > 3)TOR is not the problem.. its a solution for privacy... it would be > much better if you try to find time to code for better webserver > protections against a dos.. or even write a patch for that new > full-disclosure vulnerability.. did i say proof-of-concept.. yikes.. > ;) > > PS : ofcourse right now discussions are on on how to "label" / "mark" > tor users so that CIA triad is maintained for resources accessed by > tor users having different access privileges. psuedonyms are a serious > model thats being considered and researched... > > joel.
Powered by blists - more mailing lists