[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: How to ban many IPs?
On Thu, Oct 30, 2008 at 11:11 AM, F. Fox <kitsune.or@xxxxxxxxx> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Jonathan Addington wrote:
> (snip)
>> The easiest way to implement it is probably to use Squid in
>> *non-caching* mode. It's ACL's are powerful enough that other people
>> have built web blocking software around it. Not the best of solutions,
>> but you could return an error page for any sites that don't match the
>> white list explaining that your node can't accept such requests.
>>
>> (To the dozen responses I am going to get back on why this is such a
>> bad idea: I know. I don't know of a better one if a white/black list
>> has to be used and HTTP traffic is allowed.)
>>
> (snip)
>
> IMHO, the problem isn't that filtering would be in place - this should
> be the option of each node operator, and there are other exits - but
> that there's no way for the Tor client software to avoid such a node
> entirely when accessing a blacklisted site.
>
> Basically, if you used the ACLs in Squid in this way, clients that want
> blacklisted site "X," might still pick your exit (in a semi-random
> fashion), since you're neither listing Site X as a Reject line, nor
> blocking port 80 exits entirely.
>
> So, Squid would send back an error of some kind, and that client would
> be stopped cold until they either restarted Tor, or sent a NEWNYM/SIGHUP.
>
> That would not only be annoying as all get out in manual use, but would
> cause no end of problems with any automated use (e.g., spidering
> programs, download managers, wget, etc.).
You absolutely right (I did mention it was a bad idea). What about a
whitelist instead? Does anybody know what sites take up the highest
amount of bandwidth in the tor network?
I would guess that Blogger and Wikipedia would be up there. One may
not need a long white list to attract a large amount of bandwidth for
this kind of browsing.
-madjon
> - --
> F. Fox
> Owner of Tor node "kitsune"
> http://fenrisfox.livejournal.com
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iQIcBAEBCAAGBQJJCdzBAAoJECxKjnsrYHNHsLEP/R0o1Oq+hIsROV3Fgn0CuJ+U
> KneLAnqiepGvEKPBlN9el8/Bfh57UY79C3VWA49qSiYQg0xZHfthukzviowcChQB
> J5Bnz4CccaWVSnv7O7FSrZEbrU+aOh7wrPy2RUhm01/WUFF9EG5Uw0ycfDLfKZe9
> +p0FKAm9G/LJEY+X+J+rHhdiTsfSsdk0qqqjbNIpU8C1QgR8A99GEpuN+8Ja2gwz
> LaQ81QfciB2LjTuof2mVPsBXzbl1wt3ULeotOkH0zH2MMyDyadgvkGwa7goZ9xX3
> x0aZdZSci3eAXQPYBKke/ormxzqMAzElQo9COTgCmMij0cf5KYHp8L6YyWMCBsgj
> KZLqGFl7gl1bN3ffWyBbzolRguneydEeC1Rek9n7y5Y+nKOL7bl8WF6ZUQ6iECcP
> 2ywLGomzsd52lOyKfu999HfF0D/pJgY7vZn8njgggVsbUK0Y43QEScaXOTr7gPzl
> 6ChCHBxvqwzGrshi8HrSsad4jssmzjdVh2DBRAmtPsTPmhqThGsjP39HH83h3XI1
> jhYrE8u8eKwtYOSCoW2htiKzoyvLWW+3c5Y1pH/Vkmq9azDZCSpTxx1HBrVBglsk
> CUb8fkVmOrRwOexny2UCIdgFauXa3at+zVDSVtcFiBSCANr9pAyP4b1hj0SAXoNo
> J97u6rB2/T1JmTWaQviw
> =mq6a
> -----END PGP SIGNATURE-----