From 773628089a697f388683edb08154c631594ff466 Mon Sep 17 00:00:00 2001 From: FreeArtMan Date: Thu, 28 Mar 2019 21:20:59 +0000 Subject: added to iptables notes way to block tor nodes --- md/writeup/using_iptables.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/md/writeup/using_iptables.md b/md/writeup/using_iptables.md index 9f92993..b2b046c 100644 --- a/md/writeup/using_iptables.md +++ b/md/writeup/using_iptables.md @@ -305,6 +305,18 @@ there. Then there is possible to match specific connection state iptables -A INPUT -m state --state NEW -j DROP -s 86.159.18.180 ``` +### Block TOR + +There is quite common that ANNONYMOUSE users have higher chance to abuse services. +Also some website provides list of exit nodes. Here we going to add to new +iptables chai list of IPs gathered from public source +``` +wget -c https://www.dan.me.uk/torlist/ > tor.list +iptables -N TOR +iptables -t filter -A INPUT -j TOR +cat /tmp/tor.list | uniq | sort | xargs iptables -A TOR -j DROP -s +``` + ### Logging Log droppend packages @@ -343,6 +355,7 @@ the system admins could be not happy with this jokes ;]. 16. https://en.wikipedia.org/wiki/Transmission_Control_Protocol#Protocol_operation 17. https://tools.ietf.org/html/rfc675 18. https://www.netfilter.org/documentation/HOWTO/packet-filtering-HOWTO-7.html +19. https://www.dan.me.uk/torlist/ https://www.honeynet.org/node/691 http://wiki.lvl1.org/Iptables -- cgit v1.2.3
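Review bot: the download and consumption paths in the "Block TOR" hunk do not match, so the chain is filled from a file that the previous command never wrote. `wget -c https://www.dan.me.uk/torlist/ > tor.list` writes wget's (empty) stdout to `tor.list` while the page itself lands in `index.html` in the current directory; the next line then reads `/tmp/tor.list`. Use `wget -O /tmp/tor.list https://www.dan.me.uk/torlist/` (or `curl -o`) so one path is used throughout. Two more problems in the same block: `uniq | sort` only removes adjacent duplicates, so replace it with `sort -u`; and plain `xargs` batches many addresses into one `iptables -A TOR -j DROP -s a b c` call, which iptables rejects, so use `xargs -n1` (or a `while read` loop) to get one rule per address. Since the list carries thousands of entries, consider noting in the text that an `ipset` hash:ip set matched with `-m set` scales far better than one rule per IP, and that nothing here checks that each line is a well-formed IPv4/IPv6 address before it is handed to the firewall. The `-t filter` on the INPUT line is redundant (filter is the default table). Finally, the prose says "list of exit nodes" but the URL fetched is the general torlist; confirm which list the service returns for that URL. Typos in the prose: "ANNONYMOUSE" (anonymous), "chai" (chain), "There is quite common" (It is quite common), "some website provides" (some websites provide).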