Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 16 replies
  • Subscribers 1 subscriber
  • Views 33164 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Tor browser blocked in Application Control, but still working

Derick Maruyama
Hi, here we go again one more problem maybe someone could help me...
We has blocked the Anonymizers category in application control, but it still work fine, we're testing the tor web browser, and work just work like have nothing wrong... in the live log (firewall and also in web filtering) we can see the rules blocking the application but has blocked only in the logs, cause the tor browser still works... someone have a idea of this problem? 


att, 
Derick Maruyama da Silva


This thread was automatically locked due to age.
  • 0
    Why not block them in Web Filtering - "Anonymizers" and "Anonymizing Utilities" ?

    I couldn't read your pictures.  Instead of screen captures, copy a few lines from each log file.  When posting firewall log lines, be sure to post lines from the full Firewall log file, not from the Firewall Live Log.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Additionally: As it appears you are in control of a test client, use Wireshark/tcpdump to observe how TOR may be sending (including camouflaging) traffic as types you may intentionally, or unintentionally, allow.
  • 0
    Sorry for the inconvenient... it's working know, was a error in the profiles in web filtering were anonymizers was in the category entertainment were was allowed... so we has changed this category and now is working...


    att,
    Derick Maruyama
  • 0 in reply to Derick Maruyama
    Hi,

    simillar problem here.
    But it still works, also when blocking anominizers....

    - created a Application Control Rule to Block Tor.
    - also put Anonymizers (...) in categories that are blocked.
    - use webproxy and Urlfilter but not SSL Scan (just URL Filter for SSL)

    So is it anyhow possible to block Tor?
    When I test it with a client I get connected if I use Bridge Setting in Tor Browser

    Any suggestions here?

    Thanks
  • 0
    Maybe we've the same problem here?
    https://community.sophos.com/products/unified-threat-management/astaroorg/f/55/t/46541

    It seems that the Webfilter disables all ApplicationControl settings
  • 0
    @t14u: Sorry, I don't understand.  Please click on [Go Advanced] below and attach pictures.  Also, I don't use Tor browsers, so please explain what "bridge" mode is in that.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Attached is the Tor Browser setting.
    I also Dont use it, but the Kids. I just want to Block the traffic.
  • 0
    Thanks, I speak German, but I don't know was "eine Brücke" sei auf Tor Sprache.  Actually (in American, that means "in fact"), I was looking for pictures of the UTM settings opened in Edit mode.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Brücke = Bridge
    Tor Browser = Anonymiser [;)]
  • 0
    [;)], wie gesagt, habe schon alles auf Deutsch verstanden, but I have no idea what a "bridge" is in Tor lingo.  Is this another site or IP that offers a tor?  Or is it a configuration at a specific tor site?  Or???

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Cookie Information Banner