Quantcast
Channel: EdgeRouter topics
Viewing all articles
Browse latest Browse all 20028

Newbie help on ERX - tor related

$
0
0

Hello,

 

I just installed an ERX on an isolated network yesterday both to learn the EdgeMax line and to isolate one network. I have just done the standard WAN-2LAN2 wizard and added hwnat offload. Otherwise it is straight out of the box on a residential-class Cox line (DHCP in). When I turned on DPI, I have one system that shows small amounts (maybe 1kb per hour) of tor traffic. This particular system had been connected recently to a network that has the potential to have been compromised (a know hacker gained physicl access to the site ). I have started running other similar clients on the ERX network (with the subject system off the lines) and I see no such traffic. I know the tor traffic may be mis-classification but the low volume, and system history, make me suspect a backdoor, etc.

 

Anyway the question: I have read that there is a way to set up a firewall rule to block tor now (I am on EdgeOS 1.9) but I don't know enough yet to set up the rule. Can anyone help? I figure If I block it I can eventually identify it.

 

Thanks 


Viewing all articles
Browse latest Browse all 20028

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>