Buy or Renew
Buy or Renew
NOTICE: OpenDNS Service Currently Not Available To Users In Belgium. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
192
Views
0
Helpful
5
Replies

Block Tor Browser or Tor on OpenDNS

ediddy3234
Level 1
Level 1

‎07-05-2017 11:44 PM

I am having a really hard time figuring out how to use OpenDNS to either block Tor OR prevent the Tor Browser from connecting to the internet through my router.

What I can tell you what I have done already: I have a router (Archer C7) that was flashed with DD-WRT. With it, I have added 208.67.222.222; 208.67.220.220; and 208.67.222.220 to the DNS slots and checked "Force DNS" so that all the traffic supposedly routes through OpenDns. On the internet side of things, I have logged into OpenDNS and blocked Proxy on that end as well. Having done all of this, I can still use the Tor Browser to connect to the internet. Furthermore, I have K9 web filter installed, and even this does not prevent Tor Browser from connecting.

I know it is nearly impossible to block Tor as a whole. I am just hoping to prevent the browser itself from getting out into the internet as it bypasses all of the firewall and router settings I established. Thank you in advance.

Labels:
0 Helpful
5 Replies 5

rotblitz
Level 6
Level 6

‎07-06-2017 05:32 AM

The purpose of TOR and its browser is to not being able to block it, so your approach is wrong. 
See also https://support.opendns.com/hc/en-us/community/posts/220013287

The only thing you can do is to block the domains where the TOR browser can be downloaded from, e.g. torproject.org.

"all the traffic supposedly routes through OpenDns"

Nope, just your DNS traffic, not anything else.

0 Helpful

ediddy3234
Level 1
Level 1

‎07-06-2017 04:19 PM

Hmmm, in that case will iptables work to instruct the router to block the Tor Browser? Additionally, someone stated that there is a DNS version of the exit nodes used by Tor Project which is: 209.137.169.81.6667.4.3.2.1.ip-port.exitlist.torproject.org  

Would blocking this in OpenDNS or the router prevent the Tor Browser from connecting?

0 Helpful

rotblitz
Level 6
Level 6

‎07-07-2017 03:14 AM

Most likely not, because OpenDNS returns NXDOMAIN for it.

Blocking IP address ranges and ports on the router may be the right way to go.

0 Helpful

ediddy3234
Level 1
Level 1

‎07-07-2017 03:28 AM

Would you have any advice or could you possibly point me in the right direction on how to go about doing this? I have no experience creating iptables or employing them on my router through DD-WRT if that is even possible. If not I completely understand, you have been very gracious to me thus far.

0 Helpful

rotblitz
Level 6
Level 6

‎07-07-2017 04:56 AM

I do not have experience with DD-WRT, and this is not OpenDNS related.  I would think your best bet is to research in the dd-wrt.com wiki and forum.  Their documentation and assistance seem to be excellent.

0 Helpful
Customers Also Viewed These Support Documents