Scribd Logo
Importer

Bienvenue sur Scribd !

  • Detecta y Bloquea TOR Con MikroTik

    Transféré par

    odp-venado
    431 vues5 pages
    Bloquear TOR

    Copyright

    © © All Rights Reserved

    Formats disponibles

    PDF, TXT ou lisez en ligne sur Scribd

    Avez-vous trouvé ce document utile ?

    Ce contenu est-il inapproprié ?

    Signaler ce document
    Bloquear TOR

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    431 vues5 pages

    Detecta y Bloquea TOR Con MikroTik

    Transféré par

    odp-venado
    Bloquear TOR

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    sur 5

    How to Detect and Block TOR Browser traffic

    How to Detect and Block TOR Browser traffic



    HI everyone , i wish everything going well , today we going to know how to block TOR browser
    Tor is free software and an open network that helps you defend against a form of network surveillance that threatens
    personal freedom and privacy, confidential business activities and relationships
    or protects you by bouncing your communications around a distributed network of relays run by volunteers all
    around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it
    prevents the sites you visit from learning your physical location. Tor works with many of your existing applications,
    including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.
    you can downlaod TOR browser from the following link [1]
    after discovering which destination this TOR browser is trying to connect to , we made a list with and and we added
    it in firewall address list
    ip firewall address-list
    add address=98.206.110.253 comment="" disabled=no list=TOR-SERVERS
    add address=80.237.226.75 comment="" disabled=no list=TOR-SERVERS
    add address=199.48.147.35 comment="" disabled=no list=TOR-SERVERS
    add address=173.254.192.37 comment="" disabled=no list=TOR-SERVERS
    add address=88.198.35.251 comment="" disabled=no list=TOR-SERVERS
    add address=77.247.181.164 comment="" disabled=no list=TOR-SERVERS
    add address=173.254.192.38 comment="" disabled=no list=TOR-SERVERS
    add address=192.251.226.205 comment="" disabled=no list=TOR-SERVERS
    add address=85.112.165.71 comment="" disabled=no list=TOR-SERVERS
    add address=76.73.48.211 comment="" disabled=no list=TOR-SERVERS
    add address=217.115.137.222 comment="" disabled=no list=TOR-SERVERS
    add address=76.73.48.210 comment="" disabled=no list=TOR-SERVERS
    add address=199.48.147.41 comment="" disabled=no list=TOR-SERVERS
    add address=83.142.228.14 comment="" disabled=no list=TOR-SERVERS
    add address=77.247.181.163 comment="" disabled=no list=TOR-SERVERS
    add address=188.138.82.143 comment="" disabled=no list=TOR-SERVERS
    add address=77.247.181.165 comment="" disabled=no list=TOR-SERVERS
    add address=184.172.20.159 comment="" disabled=no list=TOR-SERVERS
    add address=199.48.147.38 comment="" disabled=no list=TOR-SERVERS
    add address=173.254.192.36 comment="" disabled=no list=TOR-SERVERS
    add address=87.225.253.174 comment="" disabled=no list=TOR-SERVERS
    add address=216.17.108.63 comment="" disabled=no list=TOR-SERVERS
    add address=137.56.163.46 comment="" disabled=no list=TOR-SERVERS
    add address=199.48.147.36 comment="" disabled=no list=TOR-SERVERS
    add address=204.45.133.189 comment="" disabled=no list=TOR-SERVERS
    add address=91.143.81.16 comment="" disabled=no list=TOR-SERVERS
    add address=85.228.194.157 comment="" disabled=no list=TOR-SERVERS
    add address=213.103.195.84 comment="" disabled=no list=TOR-SERVERS
    add address=137.56.163.64 comment="" disabled=no list=TOR-SERVERS
    add address=82.94.251.204 comment="" disabled=no list=TOR-SERVERS
    add address=199.48.147.40 comment="" disabled=no list=TOR-SERVERS

    How to Detect and Block TOR Browser traffic


    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add

    address=195.242.152.250 comment="" disabled=no list=TOR-SERVERS


    address=74.120.13.132 comment="" disabled=no list=TOR-SERVERS
    address=62.220.135.129 comment="" disabled=no list=TOR-SERVERS
    address=204.8.156.142 comment="" disabled=no list=TOR-SERVERS
    address=199.48.147.46 comment="" disabled=no list=TOR-SERVERS
    address=68.169.35.41 comment="" disabled=no list=TOR-SERVERS
    address=94.75.215.53 comment="" disabled=no list=TOR-SERVERS
    address=85.17.97.19 comment="" disabled=no list=TOR-SERVERS
    address=74.120.12.135 comment="" disabled=no list=TOR-SERVERS
    address=87.225.253.173 comment="" disabled=no list=TOR-SERVERS
    address=199.48.147.42 comment="" disabled=no list=TOR-SERVERS
    address=91.143.90.155 comment="" disabled=no list=TOR-SERVERS
    address=38.229.70.42 comment="" disabled=no list=TOR-SERVERS
    address=188.72.225.172 comment="" disabled=no list=TOR-SERVERS
    address=188.40.41.115 comment="" disabled=no list=TOR-SERVERS
    address=87.118.104.203 comment="" disabled=no list=TOR-SERVERS
    address=62.141.58.13 comment="" disabled=no list=TOR-SERVERS
    address=199.48.147.39 comment="" disabled=no list=TOR-SERVERS
    address=93.11.116.22 comment="" disabled=no list=TOR-SERVERS
    address=96.236.44.173 comment="" disabled=no list=TOR-SERVERS
    address=76.73.85.122 comment="" disabled=no list=TOR-SERVERS
    address=199.48.147.37 comment="" disabled=no list=TOR-SERVERS
    address=188.104.135.148 comment="" disabled=no list=TOR-SERVERS
    address=188.40.51.232 comment="" disabled=no list=TOR-SERVERS
    address=188.40.32.154 comment="" disabled=no list=TOR-SERVERS
    address=178.162.166.13 comment="" disabled=no list=TOR-SERVERS
    address=178.63.16.48 comment="" disabled=no list=TOR-SERVERS
    address=83.169.0.7 comment="" disabled=no list=TOR-SERVERS
    address=38.229.70.47 comment="" disabled=no list=TOR-SERVERS
    address=38.229.70.34 comment="" disabled=no list=TOR-SERVERS
    address=109.201.131.11 comment="" disabled=no list=TOR-SERVERS
    address=38.229.70.33 comment="" disabled=no list=TOR-SERVERS
    address=38.229.70.32 comment="" disabled=no list=TOR-SERVERS
    address=38.229.70.31 comment="" disabled=no list=TOR-SERVERS
    address=38.229.70.37 comment="" disabled=no list=TOR-SERVERS
    address=38.229.70.46 comment="" disabled=no list=TOR-SERVERS
    address=38.229.70.51 comment="" disabled=no list=TOR-SERVERS
    address=38.229.70.52 comment="" disabled=no list=TOR-SERVERS
    address=38.229.70.53 comment="" disabled=no list=TOR-SERVERS
    address=38.229.70.54 comment="" disabled=no list=TOR-SERVERS
    address=68.169.35.42 comment="" disabled=no list=TOR-SERVERS
    address=74.120.12.140 comment="" disabled=no list=TOR-SERVERS
    address=74.120.12.131 comment="" disabled=no list=TOR-SERVERS
    address=74.120.12.130 comment="" disabled=no list=TOR-SERVERS
    address=74.120.12.129 comment="" disabled=no list=TOR-SERVERS
    address=76.73.85.123 comment="" disabled=no list=TOR-SERVERS
    address=76.73.85.124 comment="" disabled=no list=TOR-SERVERS

    How to Detect and Block TOR Browser traffic


    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add
    add

    address=76.73.85.125 comment="" disabled=no list=TOR-SERVERS


    address=76.73.85.126 comment="" disabled=no list=TOR-SERVERS
    address=80.237.226.72 comment="" disabled=no list=TOR-SERVERS
    address=80.237.226.73 comment="" disabled=no list=TOR-SERVERS
    address=80.237.226.74 comment="" disabled=no list=TOR-SERVERS
    address=80.237.226.76 comment="" disabled=no list=TOR-SERVERS
    address=80.237.226.77 comment="" disabled=no list=TOR-SERVERS
    address=80.237.226.78 comment="" disabled=no list=TOR-SERVERS
    address=80.237.226.79 comment="" disabled=no list=TOR-SERVERS
    address=82.94.251.206 comment="" disabled=no list=TOR-SERVERS
    address=87.225.253.172 comment="" disabled=no list=TOR-SERVERS
    address=173.254.216.67 comment="" disabled=no list=TOR-SERVERS
    address=192.251.226.204 comment="" disabled=no list=TOR-SERVERS
    address=193.23.244.0/24 comment="" disabled=no list=TOR-SERVERS
    address=199.48.147.34 comment="" disabled=no list=TOR-SERVERS
    address=199.48.147.43 comment="" disabled=no list=TOR-SERVERS
    address=199.48.147.44 comment="" disabled=no list=TOR-SERVERS
    address=199.48.147.45 comment="" disabled=no list=TOR-SERVERS
    address=217.115.137.220 comment="" disabled=no list=TOR-SERVERS
    address=217.115.137.219 comment="" disabled=no list=TOR-SERVERS
    address=66.230.230.230 comment="" disabled=no list=TOR-SERVERS
    address=173.254.216.69 comment="" disabled=no list=TOR-SERVERS
    address=91.208.34.12 comment="" disabled=no list=TOR-SERVERS
    address=188.40.172.119 comment="" disabled=no list=TOR-SERVERS

    we note also that TOR browser is using port 22 and 443


    so now we can match on users that is using TOR browser by the following rules
    ip firewall mangle
    add action=add-src-to-address-list address-list="New Tor-Users" \
    address-list-timeout=5m chain=prerouting comment="New Tor Version" \
    disabled=no dst-port=22 protocol=tcp
    add action=add-src-to-address-list address-list=Tor-Users \
    address-list-timeout=5m chain=prerouting comment="Tor Users" disabled=no \
    dst-address-list=TOR-SERVERS dst-port=443 protocol=tcp
    and then we can block all traffic that is coming from TOR users by the following rules
    ip firewall filter
    add action=drop chain=forward comment="Drop new TOR version" disabled=no \
    src-address-list="New Tor-Users"
    add action=drop chain=forward comment="Block TOR browser" disabled=no \
    src-address-list=Tor-Users
    also note that these rules we have applied on Mikrotik ROS 3.30 only , but we think it may work out on newer
    versions

    How to Detect and Block TOR Browser traffic

    References
    [1] https:/ / www. torproject. org/ dist/ torbrowser/ tor-browser-2. 2. 33-3_en-US. exe

    Article Sources and Contributors

    Article Sources and Contributors


    How to Detect and Block TOR Browser traffic Source: http://wiki.mikrotik.com/index.php?oldid=22309 Contributors: Qobtan

    Vous aimerez peut-être aussi