[tor-relays] WannaCry fallout FYI

John Ricketts john at quintex.com
Sun May 14 19:51:46 UTC 2017


Exactly what I was thinking.

On May 14, 2017, at 14:51, niftybunny <abuse at to-surf-and-protect.net<mailto:abuse at to-surf-and-protect.net>> wrote:

>Known TOR exit nodes are listed within the Security Intelligence feed of ASA Firepower devices. Enabling this to be blacklisted will prevent outbound communications to TOR networks.

Wait, what?


niftybunny
abuse at to-surf-and-protect.net<mailto:abuse at to-surf-and-protect.net>

Where ignorance is bliss, 'Tis folly to be wise.

Thomas Gray

On 14. May 2017, at 21:45, Jon Gardner <toradmin at brazoslink.net<mailto:toradmin at brazoslink.net>> wrote:

>From the SNORT folks...

http://blog.talosintelligence.com/2017/05/wannacry.html?m=1

".... Additionally, organizations should strongly consider blocking connections to TOR nodes and TOR traffic on network. Known TOR exit nodes are listed within the Security Intelligence feed of ASA Firepower devices. Enabling this to be blacklisted will prevent outbound communications to TOR networks."

<><
Jon L. Gardner
Mobile: +1 979-574-1189
Email/Skype/Jabber: jon at brazoslink.net<mailto:jon at brazoslink.net>
AIM/iChat/MSN: jlg at mac.com<mailto:jlg at mac.com>
_______________________________________________
tor-relays mailing list
tor-relays at lists.torproject.org<mailto:tor-relays at lists.torproject.org>
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

_______________________________________________
tor-relays mailing list
tor-relays at lists.torproject.org<mailto:tor-relays at lists.torproject.org>
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20170514/b61274f9/attachment.html>


More information about the tor-relays mailing list