[tor-talk] IBM says Block Tor
paul.syverson at nrl.navy.mil
Thu Aug 27 12:57:44 UTC 2015
On Thu, Aug 27, 2015 at 10:08:26AM +0200, Tom van der Woerdt wrote:
> In some corporate environments this would be a reasonable thing to
> do. And the article that started this thread is about corporate
> If you work in a call center with a company computer, you have
> absolutely no reason to use Tor.
This is an overly narrow view of "use Tor". In any corporate
environment, including customer support settings, it could be
important to protect searches of public information (including perhaps
especially competitor information) from competitors and possible
network observers. Maybe _you_ would have no reason to use Tor there,
but your company would have a reason for you to use Tor.
> If you did use Tor, it would most likely be a red flag that you or
> the computer have been compromised and need investigation. Keep in
> mind that while at work, your boss decides what you are and aren't
> allowed to do with your time.
In an inadequately configured environment, perhaps. But corporate
investigators and law enforcement officers use Tor all the time to
investigate crime online and could have to do so unofficially if no
adequate sanctioned solution were available. Even in an inflexible
setting that tension is unnecessary, however. We specifically designed
for multiple usage scenarios including one where your use is subject
to local monitoring but still is protected once leaving the local
network. The case here is described under Proxy-and-OR-at-Firewall
Access in "Onion Routing Access Configurations".
> For the same reason, routing all employee traffic through a proxy
> and filtering sites that host games also seems reasonable.
> > On 27 Aug 2015, at 08:47, Virgil Griffith <i at virgil.gr> wrote:
> > "In general, networks should be configured to deny access to websites such
> > as www.torproject.org"
> > Blocking Tor exit nodes is one thing, but this is just bizarre. They could
> > make a claim that privacy from your boss is something they wish to prevent,
> > but I saw no such claim.
> >> On Thu, 27 Aug 2015 at 14:19 CJ <tor at tengu.ch> wrote:
> >>> On 08/27/2015 12:51 AM, grarpamp wrote:
> >> http://public.dhe.ibm.com/common/ssi/ecm/wg/en/wgl03086usen/WGL03086USEN.PDF
> >>> IBM Advises Businesses To Block Tor
> >>> With Tor-based attacks on the rise, IBM says it's time to stop Tor in
> >>> the enterprise.
> >>> New data from IBM's X-Force research team shows steady increase in SQL
> >>> injection and distributed denial-of-service attacks as well as
> >>> vulnerability reconnaissance activity via the Tor anonymizing service.
> >> Well, that's why my exit nodes was, until recently, opened only to
> >> HTTP/HTTPS… Now I've pushed a more opened policy but got abuse mails
> >> from my hosting service the next hours… until I locked down SSH port.
> >> People using Tor for "bad things" just don't realize how they fuck up
> >> the whole thing. Not even mentioning "weird contents", just the script
> >> kiddies running metasploit/other through Tor.
> >> Hopefully I'll be able to keep my exit up with the current configuration…
> >> --
> >> tor-talk mailing list - tor-talk at lists.torproject.org
> >> To unsubscribe or change other settings go to
> >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> > --
> > tor-talk mailing list - tor-talk at lists.torproject.org
> > To unsubscribe or change other settings go to
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> tor-talk mailing list - tor-talk at lists.torproject.org
> To unsubscribe or change other settings go to
More information about the tor-talk