Agreed - Though in our case they aren't supposed to be grownups as
this is a grade 7 thru 12 secondary school. And the students using Tor
are doing it on their personal laptops, which I don't have the
resources to police effectively.
I know it probably can't be blocked 100% - I just need to make it hard
enough for enough people.
I'll have to figure out the syntax for dumping that iblocklist into
SquidGuard. I tried pointing squid at that url but I'm not sure it
worked.
Luke Jaeger | Technology Coordinator
Pioneer Valley Performing Arts Charter Public School
www.pvpa.org
On Jan 7, 2010, at 3:57 AM, Robert Mortimer wrote:
On 05/01/10 16:11, Luke Jaeger wrote:
Has anyone had any success blocking Tor thru pfsense/squidguard?
Some
of
our savvier students are starting to use it to get around the
content
filters ...
The list I sent you has a large number of Tor nodes on it [http://list.iblocklist.com/?list=tor
]. All you need to do is make Tor unreliable enough and feed back to
users when you detect an attempt to access one of the listed nodes.
They will soon move on and present you with a new "opportunity to
shine". Defeating Tor all together will just cause them to move on
faster. Giving Tor a frisson of danger will stop 95% and you will
still have the names of the remaining 5%.
My brother worked in a fire alarm company. The system detected heads
that had been removed. In student halls this was invariably for a
student to have a smoke, so disconnected the head in their room. In
some Universities they were called back again and again (at some
cost) for removed heads. I the ones that chucked students out of
halls the second they were found to have done it it only happened
once per year. Not only that the alarms worked and there was lower
risk of some git setting fire to the halls.
In student life the odd example is always a start. You could block
MAC addresses of offenders and tell them to use public PCs in the
library, or limit their login to specific machines. Sanctions can be
part of the solution. After all they are supposed to be grown-ups.
So long as there is no down-side it will always be a battle that
they will throw energy into. Once there is a down side they will be
a lot less energetic
PS - I second Open-DNS but last time I looked they did not list Tor
it was still a request
Rob
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
