SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  Tor -- Client Request 6

Category: PROXY-ACCESS      

Tor (The Onion Router) is an anonymous proxy access for web browsing. Data packets on the Tor network take a random pathway through several servers; the client negotiates a separate set of encryption keys for each hop along the circuit to ensure that each hop can't trace these connections as they pass through.

Tor also has bridge modes used to bypass firewall controls using network protocol obfuscation techniques. Enable Encrypted Key Exchange application signature for TCP to block the random key exchange modes like obfs3. Also, enable DPI-SSL Client Inspection to block the cloud service tunnels like meek-amazon, meek-azure, meek-google, etc.

This SonicWALL signature blocks Tor network traffic which may be a policy violation for your organization.



Relevant Information