+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 20
Internet Related/Filtering/Firewall Thread, TOR in Technical; Anyone got any good info on blocking TOR? given its potential uses for photographic and video content as well substance ...
  1. #1
    oxide54's Avatar
    Join Date
    Mar 2009
    Posts
    798
    Thank Post
    51
    Thanked 55 Times in 54 Posts
    Rep Power
    22

    TOR

    Anyone got any good info on blocking TOR?

    given its potential uses for photographic and video content as well substance supply i would think it would probably be prudent to block.

  2. #2
    grant_girdwood's Avatar
    Join Date
    Jun 2012
    Location
    Bloxx HQ
    Posts
    54
    Thank Post
    2
    Thanked 11 Times in 10 Posts
    Rep Power
    6
    Quote Originally Posted by oxide54 View Post
    Anyone got any good info on blocking TOR?

    given its potential uses for photographic and video content as well substance supply i would think it would probably be prudent to block.
    Blocking IP address based URLs will sort this for you.

  3. #3

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    5,887
    Thank Post
    575
    Thanked 1,001 Times in 773 Posts
    Blog Entries
    15
    Rep Power
    461
    Your only real option is to use DNS blocking from a decent TOR blacklist. Much of the idea of TOR is to make it difficult to block in the first place so it's not particularly an easy thing to do. Those blacklists are certainly not a 100% solution for that very reason, they hosts will obviously change constantly.

  4. #4

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,847
    Thank Post
    877
    Thanked 1,680 Times in 1,460 Posts
    Blog Entries
    12
    Rep Power
    444
    You could block .exe using group policy.

  5. #5
    oxide54's Avatar
    Join Date
    Mar 2009
    Posts
    798
    Thank Post
    51
    Thanked 55 Times in 54 Posts
    Rep Power
    22
    Quote Originally Posted by FN-GM View Post
    You could block .exe using group policy.
    doesn't really help with BYOD

  6. #6

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,847
    Thank Post
    877
    Thanked 1,680 Times in 1,460 Posts
    Blog Entries
    12
    Rep Power
    444
    Quote Originally Posted by oxide54 View Post
    doesn't really help with BYOD
    No it wouldn't

    This is one reason i wouldnt allow internet on BYOD. If you want it go via a RDS / Terminal Server session

  7. #7
    DrCheese's Avatar
    Join Date
    Apr 2008
    Posts
    1,026
    Thank Post
    97
    Thanked 158 Times in 107 Posts
    Rep Power
    58
    Quote Originally Posted by FN-GM View Post
    No it wouldn't

    This is one reason i wouldnt allow internet on BYOD. If you want it go via a RDS / Terminal Server session
    Which would be totally useless on smartphones/tablets :P

  8. #8

    Join Date
    Jun 2010
    Location
    England
    Posts
    735
    Thank Post
    89
    Thanked 52 Times in 46 Posts
    Rep Power
    35
    Not to sure what this is, but could you block the ports on your firewall?
    Or is it using standard ports?

    I guess it's one of those things which would be covered under your AUP for BYOD, and if anyone got caught using it then appropriate actions taken against them.

  9. #9

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    5,887
    Thank Post
    575
    Thanked 1,001 Times in 773 Posts
    Blog Entries
    15
    Rep Power
    461
    (Sorry, I was assuming you wanted to block people from accessing resources on TOR clients - if you want to stop people using TOR clients from in school then yes, proper .exe policies...)

  10. #10

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,847
    Thank Post
    877
    Thanked 1,680 Times in 1,460 Posts
    Blog Entries
    12
    Rep Power
    444
    Quote Originally Posted by DrCheese View Post
    Which would be totally useless on smartphones/tablets :P
    No it wouldn't...... Worked find in the last place

  11. #11

    Join Date
    Jun 2010
    Location
    England
    Posts
    735
    Thank Post
    89
    Thanked 52 Times in 46 Posts
    Rep Power
    35
    Quote Originally Posted by FN-GM View Post
    No it wouldn't...... Worked find in the last place
    How did it work?
    I'd expect it to be quite clunky on a phone and not a very appealing experience.

  12. #12

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,847
    Thank Post
    877
    Thanked 1,680 Times in 1,460 Posts
    Blog Entries
    12
    Rep Power
    444
    Quote Originally Posted by ihaveaproblem View Post
    How did it work?
    I'd expect it to be quite clunky on a phone and not a very appealing experience.
    Using Citirix Xen App, they use it allot on tablets. Not on phones though, due to the contracted phones they had.

  13. #13
    oxide54's Avatar
    Join Date
    Mar 2009
    Posts
    798
    Thank Post
    51
    Thanked 55 Times in 54 Posts
    Rep Power
    22
    Quote Originally Posted by FN-GM View Post
    No it wouldn't

    This is one reason i wouldnt allow internet on BYOD. If you want it go via a RDS / Terminal Server session
    thats a good option as it, does afford you a lot of control.

    down sides are cost, interms of licensing / server hardware. Depends on your current setup/use of TS

  14. #14

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,847
    Thank Post
    877
    Thanked 1,680 Times in 1,460 Posts
    Blog Entries
    12
    Rep Power
    444
    Quote Originally Posted by oxide54 View Post
    thats a good option as it, does afford you a lot of control.

    down sides are cost, interms of licensing / server hardware. Depends on your current setup/use of TS
    As you say it depends on cost. At our place we already have allot of it in place so wont cost a massive amount to setup.

  15. #15


    Join Date
    Feb 2007
    Location
    51.405546, -0.510212
    Posts
    8,776
    Thank Post
    223
    Thanked 2,633 Times in 1,940 Posts
    Rep Power
    780
    Quote Originally Posted by oxide54 View Post
    doesn't really help with BYOD
    Palo Alto firewalls are meant to be able to block Tor.


SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •