cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2227
Views
0
Helpful
10
Replies

It there a way to block Tor Browser

deneill
Level 1
Level 1

We have users that are bypassing our webfilter using the Tor Browser. Is there anyway to block this using an ASA5540                 

10 Replies 10

jumora
Level 7
Level 7

I was reading about this and on websense site they talk of multiple ways to block Tor but they also mention that Tor sites registered are around 1300 so at the firewall I don't believe that regex level will help. I am going to check with CSC module that does URL filtering over HTTP/HTTPS sites.

Value our effort and rate the assistance!

I believe that CSC can block based on a comment that we have a fix for CSC function that did not drop it in the past.

Value our effort and rate the assistance!

5540 by itself cannot block Tor based on the fact that it works over HTTPS and ASA has no inspection for HTTPS, if you have a CSC module on the ASA that could drop it but it seems that you should be reaching out to websense since they should be able to block HTTPs as the firewall can do HTTPS redirects to Websense filter. 

Value our effort and rate the assistance!

Do you need anything else?

Please rate our assistance.

Value our effort and rate the assistance!

Do you need anything else?

Value our effort and rate the assistance!

Please rate the assistance

Value our effort and rate the assistance!

????????????????????????

Value our effort and rate the assistance!

Julio Carvajal
VIP Alumni
VIP Alumni

Hello Deneil,

Due to the nature of the application I would not think so!

Use a dedicated application filtering device for it like the CX option on the Firewall (Application aware).

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Please rate the assistance so we can continue with other tickets

Value our effort and rate the assistance!

nawir
Level 1
Level 1

My way to block tor is this

http://nbctcp.wordpress.com/2014/10/20/blocking-tor-browser-in-cisco-asa-5505/

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: