Two common threats a network administrator will deal with involving people trying to circumvent content-filtering proxies is people using a proxy, as well as Tor. While fundamentally they are the same there’s also some distinct differences between the two.
The purpose of Tor is to share information securely and confidentially. Tor also has its own darknet of sorts where you get a random Onionfied URL/domain and its only accessible via Tor. Most people also use it to try and get past network devices and filters without being caught what they are trying to transmit.
Its really in how Tor works though that causes most concern for me. From a network admin’s standpoint, you want to keep your network secure. Most users who would use Tor discovered it by Googling or via word of mouth, and just set it and forgot it. This can always pose an issue, but what about those users who want to dig deeper, and even potentially run an exit node from your own network?
That is threat I’m talking about. This would lead to your network being open to various attacks, especially if the exit node is not configured properly. In light of this, you would also have to filter out outbound traffic on said point, and make sure no sensitive data was stolen or tampered with in any way. Such a pleasant thought isn’t it?
While I’ve not found any resources on how to start your own Tor network, the source code for the project is open.
There’s different versions of proxies, each with their pros and cons. Some have authentication, some don’t. Most of the proxies (if any) don’t have encryption though, which is Tor’s biggest advantage. However, standard proxies also have advantages of their own:
- Improved speed compared to Tor
With Tor, traffic is routed through various relays before hitting the exit node, each adding a bit more latency to the traffic flow for logical reasons. This adds to the fact that its not uncommon to see your IP saying you’re in South Africa when in actuality you’re in Toronto, Canada.
Unlike Tor a standard proxy is easy to set up and maintain. It doesn’t offer the encryption and security that Tor does, but a standard proxy can have its own benefits if you like to get fancy with firewall rules.
Its always important to know how your enemy works. If you wanted to be really mean to someone on the LAN who is using Tor you could also throttle their switch port too, but that’s just for fun. 😉