Exactly what I was thinking. On May 14, 2017, at 14:51, niftybunny <abuse@to-surf-and-protect.net<mailto:abuse@to-surf-and-protect.net>> wrote:
Known TOR exit nodes are listed within the Security Intelligence feed of ASA Firepower devices. Enabling this to be blacklisted will prevent outbound communications to TOR networks.
Wait, what? niftybunny abuse@to-surf-and-protect.net<mailto:abuse@to-surf-and-protect.net> Where ignorance is bliss, 'Tis folly to be wise. Thomas Gray On 14. May 2017, at 21:45, Jon Gardner <toradmin@brazoslink.net<mailto:toradmin@brazoslink.net>> wrote:
From the SNORT folks...
http://blog.talosintelligence.com/2017/05/wannacry.html?m=1 ".... Additionally, organizations should strongly consider blocking connections to TOR nodes and TOR traffic on network. Known TOR exit nodes are listed within the Security Intelligence feed of ASA Firepower devices. Enabling this to be blacklisted will prevent outbound communications to TOR networks." <>< Jon L. Gardner Mobile: +1 979-574-1189 Email/Skype/Jabber: jon@brazoslink.net<mailto:jon@brazoslink.net> AIM/iChat/MSN: jlg@mac.com<mailto:jlg@mac.com> _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org<mailto:tor-relays@lists.torproject.org> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org<mailto:tor-relays@lists.torproject.org> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays