[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] IBM says Block Tor



Hi,

I will share my experience with getting into Tor out of my companies
network (one in the top ten of the biggest employers in Germany):

The website torproject.org is blocked entirely, but nearly all mirrored
websites do work. After downloading Tor I just had to set up the proxy
in the network settings of Tor. It worked right out of the box. I was a
bit surprised because we have a bit strict access list for websites and
a really high security standard. (and I do not understand the blocking
of the Torproject website). (maybe I should try to get an OONI-Test in
there?)

Of course it's every employers own decision to allow or deny certain
websites since it's their corporate network. But claiming Tor as "bad"
and malicious (IBM) is not the reality. But I am waiting eagerly if my
employer decides to block Tor entirely.

Cheers!

Virgil Griffith:
> "In general, networks should be configured to deny access to websites such
> as www.torproject.org"
> 
> Blocking Tor exit nodes is one thing, but this is just bizarre. They could
> make a claim that privacy from your boss is something they wish to prevent,
> but I saw no such claim.
> 
> On Thu, 27 Aug 2015 at 14:19 CJ <tor@xxxxxxxx> wrote:
> 
>>
>>
>> On 08/27/2015 12:51 AM, grarpamp wrote:
>>>
>> http://public.dhe.ibm.com/common/ssi/ecm/wg/en/wgl03086usen/WGL03086USEN.PDF
>>>
>>> IBM Advises Businesses To Block Tor
>>>
>>> With Tor-based attacks on the rise, IBM says it's time to stop Tor in
>>> the enterprise.
>>>
>>> New data from IBM's X-Force research team shows steady increase in SQL
>>> injection and distributed denial-of-service attacks as well as
>>> vulnerability reconnaissance activity via the Tor anonymizing service.
>>>
>>
>> Well, that's why my exit nodes was, until recently, opened only to
>> HTTP/HTTPSâ Now I've pushed a more opened policy but got abuse mails
>> from my hosting service the next hoursâ until I locked down SSH port.
>>
>> People using Tor for "bad things" just don't realize how they fuck up
>> the whole thing. Not even mentioning "weird contents", just the script
>> kiddies running metasploit/other through Tor.
>>
>> Hopefully I'll be able to keep my exit up with the current configurationâ
>> --
>> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
>> To unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk