This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Cookie Policy. Click Preferences to customize your cookie settings.
Block PSIPHON 3
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- LIVEcommunity
- Discussions
- General Topics
- Block PSIPHON 3
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-21-2015 08:10 AM - edited 09-21-2015 08:11 AM
Hi all,
Does anybody already try with success to block Psiphon (https://www.psiphon3.com) ?
It's quite easy when psiphon is configured in VPN mode but how can I do that when VPN is not used ?
Thanks in advance for sharing.
V.
Labels:
- Labels:
-
App-ID
-
Decryption
1 ACCEPTED SOLUTION
Accepted Solutions
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-08-2015 12:39 AM
Hi all,
After opening a case, the answer is: Decryption enabled (blocking unsupported cypher-suite) + denying 'psiphon' application in security policy should be enough.
Need to be tested.
V.
13 REPLIES 13
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-21-2015 10:19 AM
Hello,
If you use some kind of web filtering, this should be able to block it on your network. I just checked the PAN-DB-URL and that url is:
URL
psiphon3.com
Category
Computer and Internet Info
So if the product, I dont know its workings, uses the same URL, you should be able to block it.
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-22-2015 09:04 AM
Hi,
URL filtering can't be used because after "installing" the psiphon client, you need to initiate connexion.
These connexions are based on SSL then no URL filtering ... 😞
V.
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-22-2015 09:15 AM
Hello,
I do not know how the client works so I cannot see the traffic for myself. However you should still be able to see the URL's eventhough the traffic is SSL. Perhaps a submission for application detection is in order?
Custom signatures:
https://live.paloaltonetworks.com/t5/Documentation-Articles/Custom-Application-Signatures/ta-p/58625
Submit an application:
http://researchcenter.paloaltonetworks.com/submit-an-application/
Hope this helps...
Options
- Mark as New
- Subscribe to RSS Feed
- Permalink
09-22-2015 11:11 AM
Just in case you do use URL filtering:
URL: www.psiphon3.com
Previous category: computer-and-internet-info
You suggested: proxy-avoidance-and-anonymizers
New category: proxy-avoidance-and-anonymizers
The new categorization is available starting with URL DB version: 2015.09.22.220
Regards,
Related Content
- How to block Excel macros in Cortex XDR Discussions
- BIOC Question in Cortex XDR Discussions
- Can you setup a S2S VPN behind your Outside (untrusted) interface on same firewall? in General Topics
- Cortex Domain controllers exceptions in Cortex XDR Discussions
- Device Block List for GlobalProtect - where is it in v10.x? in GlobalProtect Discussions
Like what you see?
Show your appreciation!
Click Like if a post is helpful to you or if you just want to show your support.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
LEGAL NOTICES
Copyright 2007 - 2023 - Palo Alto Networks