[Full-disclosure] Tool Release - Tor Blocker

[Michael Holstein]

> Recently our servers were hacked by a tor user and we were unable to 
> prosecute due to not being able to trace the source as the user was 
> using this malicious piece of software to keep his/her anonymity.

TOR isn't malicious. Privacy is a precious thing these days.

Don't blame TOR because you failed to secure your Apache install. Your 
.sig line is funny, considering just blocking TOR with a 403 is really 
just smoke and mirrors.

> To mitigate most tor attackers we've written an apache module designed 
> to give tor users a 403 error when visiting a specific website.  We 
> suggest all administrators whom do not wish a malicious tor user to 
> visit and possibly deface their website to enable the usage of this 
> module. This may not get all attackers, but hopefully it raises the 
> security bar just a little bit more to safeguard ourselves from hackers.

Why not just use mod_access_rbl and something like : 
http://www.ahbl.org/notices/tor.php

/mike.