+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 20
Internet Related/Filtering/Firewall Thread, TOR in Technical; Anyone got any good info on blocking TOR? given its potential uses for photographic and video content as well substance ...
  1. #1
    oxide54's Avatar
    Join Date
    Mar 2009
    Posts
    798
    Thank Post
    51
    Thanked 55 Times in 54 Posts
    Rep Power
    22

    TOR

    Anyone got any good info on blocking TOR?

    given its potential uses for photographic and video content as well substance supply i would think it would probably be prudent to block.

  2. #2
    grant_girdwood's Avatar
    Join Date
    Jun 2012
    Location
    Bloxx HQ
    Posts
    52
    Thank Post
    1
    Thanked 10 Times in 9 Posts
    Rep Power
    5
    Quote Originally Posted by oxide54 View Post
    Anyone got any good info on blocking TOR?

    given its potential uses for photographic and video content as well substance supply i would think it would probably be prudent to block.
    Blocking IP address based URLs will sort this for you.

  3. #3

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    5,485
    Thank Post
    527
    Thanked 876 Times in 683 Posts
    Blog Entries
    15
    Rep Power
    438
    Your only real option is to use DNS blocking from a decent TOR blacklist. Much of the idea of TOR is to make it difficult to block in the first place so it's not particularly an easy thing to do. Those blacklists are certainly not a 100% solution for that very reason, they hosts will obviously change constantly.

  4. #4

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,390
    Thank Post
    797
    Thanked 1,588 Times in 1,391 Posts
    Blog Entries
    10
    Rep Power
    427
    You could block .exe using group policy.

  5. #5
    oxide54's Avatar
    Join Date
    Mar 2009
    Posts
    798
    Thank Post
    51
    Thanked 55 Times in 54 Posts
    Rep Power
    22
    Quote Originally Posted by FN-GM View Post
    You could block .exe using group policy.
    doesn't really help with BYOD

  6. #6

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,390
    Thank Post
    797
    Thanked 1,588 Times in 1,391 Posts
    Blog Entries
    10
    Rep Power
    427
    Quote Originally Posted by oxide54 View Post
    doesn't really help with BYOD
    No it wouldn't

    This is one reason i wouldnt allow internet on BYOD. If you want it go via a RDS / Terminal Server session

  7. #7
    DrCheese's Avatar
    Join Date
    Apr 2008
    Posts
    1,017
    Thank Post
    96
    Thanked 158 Times in 107 Posts
    Rep Power
    58
    Quote Originally Posted by FN-GM View Post
    No it wouldn't

    This is one reason i wouldnt allow internet on BYOD. If you want it go via a RDS / Terminal Server session
    Which would be totally useless on smartphones/tablets :P

  8. #8

    Join Date
    Jun 2010
    Location
    England
    Posts
    735
    Thank Post
    89
    Thanked 52 Times in 46 Posts
    Rep Power
    34
    Not to sure what this is, but could you block the ports on your firewall?
    Or is it using standard ports?

    I guess it's one of those things which would be covered under your AUP for BYOD, and if anyone got caught using it then appropriate actions taken against them.

  9. #9

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    5,485
    Thank Post
    527
    Thanked 876 Times in 683 Posts
    Blog Entries
    15
    Rep Power
    438
    (Sorry, I was assuming you wanted to block people from accessing resources on TOR clients - if you want to stop people using TOR clients from in school then yes, proper .exe policies...)

  10. #10

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,390
    Thank Post
    797
    Thanked 1,588 Times in 1,391 Posts
    Blog Entries
    10
    Rep Power
    427
    Quote Originally Posted by DrCheese View Post
    Which would be totally useless on smartphones/tablets :P
    No it wouldn't...... Worked find in the last place

  11. #11

    Join Date
    Jun 2010
    Location
    England
    Posts
    735
    Thank Post
    89
    Thanked 52 Times in 46 Posts
    Rep Power
    34
    Quote Originally Posted by FN-GM View Post
    No it wouldn't...... Worked find in the last place
    How did it work?
    I'd expect it to be quite clunky on a phone and not a very appealing experience.

  12. #12

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,390
    Thank Post
    797
    Thanked 1,588 Times in 1,391 Posts
    Blog Entries
    10
    Rep Power
    427
    Quote Originally Posted by ihaveaproblem View Post
    How did it work?
    I'd expect it to be quite clunky on a phone and not a very appealing experience.
    Using Citirix Xen App, they use it allot on tablets. Not on phones though, due to the contracted phones they had.

  13. #13
    oxide54's Avatar
    Join Date
    Mar 2009
    Posts
    798
    Thank Post
    51
    Thanked 55 Times in 54 Posts
    Rep Power
    22
    Quote Originally Posted by FN-GM View Post
    No it wouldn't

    This is one reason i wouldnt allow internet on BYOD. If you want it go via a RDS / Terminal Server session
    thats a good option as it, does afford you a lot of control.

    down sides are cost, interms of licensing / server hardware. Depends on your current setup/use of TS

  14. #14

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    15,390
    Thank Post
    797
    Thanked 1,588 Times in 1,391 Posts
    Blog Entries
    10
    Rep Power
    427
    Quote Originally Posted by oxide54 View Post
    thats a good option as it, does afford you a lot of control.

    down sides are cost, interms of licensing / server hardware. Depends on your current setup/use of TS
    As you say it depends on cost. At our place we already have allot of it in place so wont cost a massive amount to setup.

  15. #15


    Join Date
    Feb 2007
    Location
    51.405546, -0.510212
    Posts
    8,120
    Thank Post
    203
    Thanked 2,385 Times in 1,765 Posts
    Rep Power
    703
    Quote Originally Posted by oxide54 View Post
    doesn't really help with BYOD
    Palo Alto firewalls are meant to be able to block Tor.


SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •