[tor-talk] IBM says Block Tor

spriver spriver at autistici.org
Thu Aug 27 08:50:44 UTC 2015 

Hi,

I will share my experience with getting into Tor out of my companies
network (one in the top ten of the biggest employers in Germany):

The website torproject.org is blocked entirely, but nearly all mirrored
websites do work. After downloading Tor I just had to set up the proxy
in the network settings of Tor. It worked right out of the box. I was a
bit surprised because we have a bit strict access list for websites and
a really high security standard. (and I do not understand the blocking
of the Torproject website). (maybe I should try to get an OONI-Test in
there?)

Of course it's every employers own decision to allow or deny certain
websites since it's their corporate network. But claiming Tor as "bad"
and malicious (IBM) is not the reality. But I am waiting eagerly if my
employer decides to block Tor entirely.

Cheers!

Virgil Griffith:
> "In general, networks should be configured to deny access to websites such
> as www.torproject.org"
> 
> Blocking Tor exit nodes is one thing, but this is just bizarre. They could
> make a claim that privacy from your boss is something they wish to prevent,
> but I saw no such claim.
> 
> On Thu, 27 Aug 2015 at 14:19 CJ <tor at tengu.ch> wrote:
> 
>>
>>
>> On 08/27/2015 12:51 AM, grarpamp wrote:
>>>
>> http://public.dhe.ibm.com/common/ssi/ecm/wg/en/wgl03086usen/WGL03086USEN.PDF
>>>
>>> IBM Advises Businesses To Block Tor
>>>
>>> With Tor-based attacks on the rise, IBM says it's time to stop Tor in
>>> the enterprise.
>>>
>>> New data from IBM's X-Force research team shows steady increase in SQL
>>> injection and distributed denial-of-service attacks as well as
>>> vulnerability reconnaissance activity via the Tor anonymizing service.
>>>
>>
>> Well, that's why my exit nodes was, until recently, opened only to
>> HTTP/HTTPS… Now I've pushed a more opened policy but got abuse mails
>> from my hosting service the next hours… until I locked down SSH port.
>>
>> People using Tor for "bad things" just don't realize how they fuck up
>> the whole thing. Not even mentioning "weird contents", just the script
>> kiddies running metasploit/other through Tor.
>>
>> Hopefully I'll be able to keep my exit up with the current configuration…
>> --
>> tor-talk mailing list - tor-talk at lists.torproject.org
>> To unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>

More information about the tor-talk mailing list