[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: How to ban many IPs?

To: or-talk@xxxxxxxxxxxxx
Subject: Re: How to ban many IPs?
From: "Jonathan Addington" <madjon@xxxxxxxxx>
Date: Thu, 30 Oct 2008 11:24:46 -0500
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Thu, 30 Oct 2008 12:24:54 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=JllTiQc3qZPW6huK31ha9EATH0hp+roEYt2yREHpKpE=; b=Ugc4BVlAsrWkU+mpQPkFldfj9uO6iJHomkBfJCDStx1yxvu5LmoRB3Y4l3E9qRBBV9 afeZeOCIq61jiIUldDiLn3yHR5E1dCXskLUqWWgE7aTnjwVUphli9vuO3hhu65ZkjRIQ F2BHu+FKzn0bwegwiUbe9oEabIy2rDa0oebdw=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=BdoLn7DC1s5UEddJJHQE1ZjdZ4gF4NVxvEyv+dkogiDFMiclS+iioxDzUZGNL5NAH2 lbfQEkNLf597BGGsHr4tBhJT/ItZpYJZHwG+JN3uyxePBEBpFDZqh67ZwdEtFLbVr8ub ABc18RxDL8deVT7orQbzAc43QOM5t+GA1wHwE=
In-reply-to: <4909DCC9.4050501@xxxxxxxxx>
References: <bd9056300810291352k8a0b9begfc49414f06fffb7e@xxxxxxxxxxxxxx> <cbb8f04c0810291357w2d2ad4eap8028a78b78ad5572@xxxxxxxxxxxxxx> <bd9056300810291418j49257be5ib1195e376bc48678@xxxxxxxxxxxxxx> <1da45f2a0810291432xb6c74a1o1aad44c965b43326@xxxxxxxxxxxxxx> <4909DCC9.4050501@xxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On Thu, Oct 30, 2008 at 11:11 AM, F. Fox <kitsune.or@xxxxxxxxx> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Jonathan Addington wrote:
> (snip)
>> The easiest way to implement it is probably to use Squid in
>> *non-caching* mode. It's ACL's are powerful enough that other people
>> have built web blocking software around it. Not the best of solutions,
>> but you could return an error page for any sites that don't match the
>> white list explaining that your node can't accept such requests.
>>
>> (To the dozen responses I am going to get back on why this is such a
>> bad idea: I know. I don't know of a better one if a white/black list
>> has to be used and HTTP traffic is allowed.)
>>
> (snip)
>
> IMHO, the problem isn't that filtering would be in place - this should
> be the option of each node operator, and there are other exits - but
> that there's no way for the Tor client software to avoid such a node
> entirely when accessing a blacklisted site.
>
> Basically, if you used the ACLs in Squid in this way, clients that want
> blacklisted site "X," might still pick your exit (in a semi-random
> fashion), since you're neither listing Site X as a Reject line, nor
> blocking port 80 exits entirely.
>
> So, Squid would send back an error of some kind, and that client would
> be stopped cold until they either restarted Tor, or sent a NEWNYM/SIGHUP.
>
> That would not only be annoying as all get out in manual use, but would
> cause no end of problems with any automated use (e.g., spidering
> programs, download managers, wget, etc.).

You absolutely right (I did mention it was a bad idea). What about a
whitelist instead? Does anybody know what sites take up the highest
amount of bandwidth in the tor network?

I would guess that Blogger and Wikipedia would be up there. One may
not need a long white list to attract a large amount of bandwidth for
this kind of browsing.

-madjon

> - --
> F. Fox
> Owner of Tor node "kitsune"
> http://fenrisfox.livejournal.com
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iQIcBAEBCAAGBQJJCdzBAAoJECxKjnsrYHNHsLEP/R0o1Oq+hIsROV3Fgn0CuJ+U
> KneLAnqiepGvEKPBlN9el8/Bfh57UY79C3VWA49qSiYQg0xZHfthukzviowcChQB
> J5Bnz4CccaWVSnv7O7FSrZEbrU+aOh7wrPy2RUhm01/WUFF9EG5Uw0ycfDLfKZe9
> +p0FKAm9G/LJEY+X+J+rHhdiTsfSsdk0qqqjbNIpU8C1QgR8A99GEpuN+8Ja2gwz
> LaQ81QfciB2LjTuof2mVPsBXzbl1wt3ULeotOkH0zH2MMyDyadgvkGwa7goZ9xX3
> x0aZdZSci3eAXQPYBKke/ormxzqMAzElQo9COTgCmMij0cf5KYHp8L6YyWMCBsgj
> KZLqGFl7gl1bN3ffWyBbzolRguneydEeC1Rek9n7y5Y+nKOL7bl8WF6ZUQ6iECcP
> 2ywLGomzsd52lOyKfu999HfF0D/pJgY7vZn8njgggVsbUK0Y43QEScaXOTr7gPzl
> 6ChCHBxvqwzGrshi8HrSsad4jssmzjdVh2DBRAmtPsTPmhqThGsjP39HH83h3XI1
> jhYrE8u8eKwtYOSCoW2htiKzoyvLWW+3c5Y1pH/Vkmq9azDZCSpTxx1HBrVBglsk
> CUb8fkVmOrRwOexny2UCIdgFauXa3at+zVDSVtcFiBSCANr9pAyP4b1hj0SAXoNo
> J97u6rB2/T1JmTWaQviw
> =mq6a
> -----END PGP SIGNATURE-----

References:
- How to ban many IPs?
  - From: slush
- Re: How to ban many IPs?
  - From: Matt LaPlante
- Re: How to ban many IPs?
  - From: slush
- Re: How to ban many IPs?
  - From: Jonathan Addington
- Re: How to ban many IPs?
  - From: F. Fox

Prev by Author: Re: How to ban many IPs?
Next by Author: Re: GnuPG through Tor
Previous by thread: Re: How to ban many IPs?
Next by thread: Re: How to ban many IPs?
Index(es):
- Author
- Thread