[tor-talk] Pissed off about Blacklists, and what to do?

Fabio Pietrosanti (naif) lists at infosecurity.ch
Sat Mar 8 19:06:11 UTC 2014

Il 2/7/14, 4:46 AM, grarpamp ha scritto:
> What can we do, as a collective social entity, to put an end to
> this madness? 
>From a "Security-Wise" point of view, if i was the IT Security Manager
of a company, i would definitively block Tor's access to my IT
I would also block most of spamhaus, VPN's, etc, unless there is a clear
and evident "business need" to allow that source of traffic.
It's very reasonable and effective from an IT Security Practice point of
view to block IPs that are common source of IP attacks.
Doing it from an anti-fraud point of view it's even more effective,
preventing any kind of economic transaction from public proxy service,
increase the cost and complexity for the "poor's fraudster".

So i think that we cannot do anything.

I think that the IT Security guys are right in blocking or restricting
access to most services when coming from public proxy services.

You can "push" the big dotcoms in order to manage in a better way the
traffic coming from dirty IP addresses, and that's happening.

Probably having "specialized Exit Node" for the most common services
(facebook, google, etc) , in order not-to-mix dirty traffic with
very-reasonably-good-traffic, could be one of the path to work on.


More information about the tor-talk mailing list