lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <78BDD05BFDFA9E4089424008706DBCE003A53084@ms09.mse4.exchange.ms>
Date: Sat Jun  3 06:24:53 2006
From: ali at packetknife.com (Ali-Reza Anghaie)
Subject: Blocking Tor is not the right way forward. It
	may just be the right way backward.

Forget hackers versus 'freedom', etc. for a moment. I'm trying to figure
out why a server or firewall administrator would subject themselves to
semi-dynamic rules by using a resource like
http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?textonly=1 in the first
place.

Lets see... wait for the first time ~that site~ gets compromised and you
pull a nice list of address space for major ISPs. Or when Tor servers
are run on/NAT at the border and the IPs are the same as a major
'legitimate' proxies. Or you pull a poisoned DNS record and don't see
that site at all but get a nicely planted fake list.

Yeah, a majority of 'abusers' aren't going to go to great length but
then again that majority aren't the people you're worried about in the
first place.

I say if you have the excess energy audit code, fuzz, install
application protocol proxies, etc. and don't bother with blacklists.
-Ali

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ