Blocking Tor Browser on Cisco ASA 5505

! Enable DNS lookups on the outside interface (needed by the database updater)
(config)# dns domain-lookup outside
(config)# dns server-group DefaultDNS
(config-dns-server-group)# name-server 8.8.8.8
(config-dns-server-group)# name-server 8.8.4.4
(config-dns-server-group)# domain-name poc.local
(config-dns-server-group)# exit
! Download and use the dynamic Botnet Traffic Filter database
(config)# dynamic-filter updater-client enable
(config)# dynamic-filter use-database
! Classify all IP traffic on the outside interface
(config)# access-list dynamic-filter_acl extended permit ip any any
(config)# dynamic-filter enable interface outside classify-list dynamic-filter_acl
! Snoop DNS traffic (UDP port 53) on the outside interface
(config)# class-map dynamic-filter_snoop_class
(config-cmap)# match port udp eq domain
(config-cmap)# exit
(config)# policy-map dynamic-filter_snoop_policy
(config-pmap)# class dynamic-filter_snoop_class
(config-pmap-c)# inspect dns dynamic-filter-snoop
(config-pmap-c)# exit
(config-pmap)# exit
(config)# service-policy dynamic-filter_snoop_policy interface outside

Copy the IP addresses from:
http://torstatus.blutmagie.de/ip_list_all.php/Tor_ip_list_ALL.csv
https://www.dan.me.uk/torlist/

Download my Excel file and paste those IPs into row A5:
https://mega.co.nz/#!dFsAnDIT!9c6G42zTHtKOkNW7GsgbFK-jKfaXd4hRU35eFjeQTUo
Remove duplicate entries by selecting column A, then open the DATA menu and click the Remove Duplicates button.
Copy all IPs from column A and paste them into ASDM/Botnet Traffic Filter/Black and White Lists.
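
The merge and de-duplicate step above can also be scripted. The following is an added example, not part of the original post: it combines two lists, drops invalid, IPv6 and internal addresses, and prints the entries as `dynamic-filter blacklist` CLI commands instead of pasting into ASDM. The sample lists, the PROTECTED ranges and the 1000-entry limit are assumptions; check the static list limit for your ASA release.

```python
import ipaddress

# Constructed sample data standing in for the two downloaded lists
# (documentation-range addresses, not real Tor nodes).
LIST_A = "192.0.2.10\n198.51.100.7\n203.0.113.5\n"
LIST_B = "# comment\n198.51.100.7\n 203.0.113.99 \n2001:db8::1\n999.1.1.1\n10.0.0.1\n"

# Assumption: internal ranges that must never end up on the blacklist,
# so a bad or tampered list cannot cut off your own networks.
PROTECTED = [ipaddress.ip_network(n) for n in
             ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def parse_ipv4(text):
    """Yield valid IPv4 addresses; skip blanks, comments, IPv6 and junk."""
    for raw in text.splitlines():
        token = raw.split(",")[0].strip()  # tolerate CSV rows: IP in first field
        if not token or token.startswith("#"):
            continue
        try:
            addr = ipaddress.ip_address(token)
        except ValueError:
            continue  # not an IP address at all
        if addr.version == 4 and not any(addr in net for net in PROTECTED):
            yield addr


def merge(*lists):
    """De-duplicate across all lists and sort numerically."""
    return sorted({addr for text in lists for addr in parse_ipv4(text)})


def to_asa_blacklist(addrs, max_entries=1000):
    """Render host entries for the static Botnet Traffic Filter blacklist."""
    # Assumption: max_entries reflects the static list limit of your ASA release.
    if len(addrs) > max_entries:
        raise ValueError(f"{len(addrs)} entries exceed the limit of {max_entries}")
    lines = ["dynamic-filter blacklist"]
    lines += [f" address {addr} 255.255.255.255" for addr in addrs]
    return "\n".join(lines)


if __name__ == "__main__":
    print(to_asa_blacklist(merge(LIST_A, LIST_B)))
```

Failing on an oversized list instead of silently truncating it makes it obvious when the combined Tor lists no longer fit in the static blacklist.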
