Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2693
Views
0
Helpful
10
Replies

It there a way to block Tor Browser

deneill
Level 1
Level 1

‎11-08-2013 10:43 AM - edited ‎03-11-2019 08:02 PM

We have users that are bypassing our webfilter using the Tor Browser. Is there anyway to block this using an ASA5540                 

Labels:
0 Helpful
10 Replies 10

jumora
Level 7
Level 7

‎11-08-2013 01:25 PM

I was reading about this and on websense site they talk of multiple ways to block Tor but they also mention that Tor sites registered are around 1300 so at the firewall I don't believe that regex level will help. I am going to check with CSC module that does URL filtering over HTTP/HTTPS sites.

Value our effort and rate the assistance!
0 Helpful

jumora
Level 7
Level 7
In response to jumora

‎11-08-2013 01:32 PM

I believe that CSC can block based on a comment that we have a fix for CSC function that did not drop it in the past.

Value our effort and rate the assistance!
0 Helpful

jumora
Level 7
Level 7
In response to jumora

‎11-08-2013 01:42 PM

5540 by itself cannot block Tor based on the fact that it works over HTTPS and ASA has no inspection for HTTPS, if you have a CSC module on the ASA that could drop it but it seems that you should be reaching out to websense since they should be able to block HTTPs as the firewall can do HTTPS redirects to Websense filter. 

Value our effort and rate the assistance!
0 Helpful

jumora
Level 7
Level 7
In response to jumora

‎11-09-2013 09:18 PM

Do you need anything else?

Please rate our assistance.

Value our effort and rate the assistance!
0 Helpful

jumora
Level 7
Level 7
In response to jumora

‎11-12-2013 11:03 AM

Do you need anything else?

Value our effort and rate the assistance!
0 Helpful

jumora
Level 7
Level 7
In response to jumora

‎11-13-2013 12:21 PM

Please rate the assistance

Value our effort and rate the assistance!
0 Helpful

jumora
Level 7
Level 7
In response to jumora

‎11-14-2013 06:08 AM

????????????????????????

Value our effort and rate the assistance!
0 Helpful

Julio Carvajal
VIP Alumni
VIP Alumni

‎11-14-2013 02:47 PM

Hello Deneil,

Due to the nature of the application I would not think so!

Use a dedicated application filtering device for it like the CX option on the Firewall (Application aware).

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

jumora
Level 7
Level 7
In response to Julio Carvajal

‎11-17-2013 12:59 PM

Please rate the assistance so we can continue with other tickets

Value our effort and rate the assistance!
0 Helpful

nawir
Level 1
Level 1

‎10-19-2014 06:50 PM

My way to block tor is this

http://nbctcp.wordpress.com/2014/10/20/blocking-tor-browser-in-cisco-asa-5505/

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card