  Daniel Premium,MVM join:2000-06-26 Pleasanton, CA clubs: 
| Anonymity: Introduction To The Tor Network
I know it's been mentioned a few times here already, but I wanted to give a short intro to this exciting new tool. Tor is an anonymity network designed by the EFF.
said by the Tor website:
Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. The tool works by bouncing all of your traffic through a myriad of encrypted links (called onion routers). The trick is that none of the hops know anything about the original source; they just pass the information along to the next link in the encrypted chain.
Anyway, do go check it out. Also consider giving as I do to the EFF in order to support projects like this one.
Here's the overview page: »tor.eff.org/overview.html
Here's the download page: »tor.eff.org/download.html
And here's the documentation page: »tor.eff.org/documentation.html -- dmiessler.com - grep understanding knowledge |
|
  texaslonghorn
from: antdude 
| New tool? Where have you been? |
|
  DFWDraco76 Premium join:2001-02-21 Plano, TX clubs: | reply to Daniel I've been thinking about checking it out... but how much does it slow things down? -- my website: »www.utdallas.edu/~bal023000 |
|
 jakoe420
join:2003-09-05 Knoxville, TN clubs:
| reply to Daniel I just installed Tor along with Privoxy, as recommended on Tor's website and haven't noticed any slowdown at all with browsing or Bit Torrent. And various privacy checks online have confirmed that my visible IP address is different than what it really is. So, I assume it is all in order? Anybody else use this? |
|
  novaflare The Dragon Was Here Premium join:2002-01-24 Barberton, OH
| reply to Daniel They say it's a series of routers, but what it really is is a bunch of proxies. Saying it's distributed simply means it's the same as all distributed computing. Many of these proxies will be running on people's computers. Many of these people will be on slow connections and/or computers loaded down with spyware and various other nasties. Again, it's the same deal: it says encrypted, well, that's great. But here's the problem: someone will create a custom Tor server and will then be able to do exactly what I've been saying about proxies for the last 4 or 5 years. And that is capture your login information etc. Do not use this thing as a method for adding security to your computer and connection; in the end you will be very insecure. I've seen proxies used to steal personal information using a non-expiring cached page that had been modified. It was not long ago that I created a POC page to test and see if it did in fact work. Without any special coding and very little coding of my own, I was able to make a simple web page that looked just like a legit login page. This page, when information was filled in, logged you in (a test Hotmail account), but at the same time it emailed me the login information for the account. The page was a copy-paste job, nothing more. An identity thief needs to know very little in the way of creating a website to pull this off. They need 3 things: 1) a target bank, PayPal etc. login page, 2) to find a contact us page that uses email, 3) a proxy server with caching capabilities. To set it up they make the cache in the proxy non-expiring, copy-paste the HTML from the contact us page into the login page and drop the login page to the cache of the proxy. And oh yeah, 4) a person to forget to not use a proxy when going to the site(s) they targeted, or someone foolish enough to think the proxy makes them more secure.
This is not something that was just done by me as a POC but really did happen, and I was involved in trying to find out how it was done. It took me a little more than 5 or 6 hours to find out how it was done and recreate and prove it was possible. My web dev knowledge is very out of date. The last web site I hand-coded was in late 96 early 97. -- DSLR security chat at us.ausirc.net channel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com |
|
  boognish Premium join:2001-09-26 Baton Rouge, LA clubs: 1 edit | reply to Daniel Tor has been around for a couple of years. I read a paper a while back talking about how it was going to huge security problems for network admins. I will have to see if I can find it. |
|
  novaflare The Dragon Was Here Premium join:2002-01-24 Barberton, OH
| reply to novaflare Now there are very legitimate and good uses for proxies. Say you're an exchange student from an Asian country (take your pick for my example, it doesn't matter) (I bet we have a few exchange students on these boards either from Asia or in Asia). As an exchange student you need to go to your school's site daily. But your connection is very slow to it, 3 second ping times, .5kb, and it's very painful to go there. Well, connections to Asia are very slow when your last hop is on the eastern or western coast of the US, but when they go out the Gulf they are much quicker, say 250 ms and 60 to 80KB. So what you want to do is find a proxy in Texas or the Gulf area. This will help to make sure your connection goes out through the Gulf. For exchange students in the Asian countries needing to access sites here, you could use the same proxy as the exchange student in the US entering the US from the Gulf. -- DSLR security chat at us.ausirc.net channel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com |
|
  Daniel Premium,MVM join:2000-06-26 Pleasanton, CA clubs: 
| reply to Daniel Anyone doubting the legitimate uses of anonymous proxies needs to think about the legitimate uses of encryption as well. Just because something is likely going to also be used for nefarious purposes, doesn't make it inherently evil.
Go read about the EFF if you're confused as to what the purpose of this network is. It's not some network for script kiddies or terrorists; it's a network designed to allow for increased privacy on the Internet. Whether those two end up mixing or not isn't a valid argument against the project.
I mean, the obvious answer here is to not allow the public to have anything that can be used as a weapon. Heading down that path, however, will take us precisely where we don't need to be as a society. -- dmiessler.com - grep understanding knowledge |
|
 jakoe420
join:2003-09-05 Knoxville, TN clubs:
| reply to Daniel This is from their website:
6.2. So I'm totally anonymous if I use Tor?
No.
First of all, your application might leak personal information at the protocol level; or it might be vulnerable to issues like javascript; or you might type revealing information into a form.
Second, there are still some technical attacks that work against Tor. One of the strongest attacks can be done by an attacker who can observe large portions of the Internet: he has a list of Tor servers, records traffic timing at each of them, and can use statistics to correlate entering streams with exiting streams.
Third, the more active you are, the more likely you are to stand out from the rest of the crowd. Sending or receiving a whole lot of bytes in a short period of time, or using Tor for long-standing connections like IRC, probably endangers your anonymity more than using it for short brief transactions. [#]
So, I don't understand attack option #2. Can somebody explain that in layman's terms? |
|
  novaflare The Dragon Was Here Premium join:2002-01-24 Barberton, OH
| reply to Daniel
said by Daniel :
Anyone doubting the legitimate uses of anonymous proxies needs to think about the legitimate uses of encryption as well. Just because something is likely going to also be used for nefarious purposes, doesn't make it inherently evil. Go read about the EFF if you're confused as to what the purpose of this network is. It's not some network for script kiddies or terrorists; it's a network designed to allow for increased privacy on the Internet. Whether those two end up mixing or not isn't a valid argument against the project. I mean, the obvious answer here is to not allow the public to have anything that can be used as a weapon. Heading down that path, however, will take us precisely where we don't need to be as a society.

I'm not even talking about illegal uses for Tor by those who might use it. I'm talking about a script kiddie making a hacked version of Tor to steal personal information, and why no proxies should ever be used to transmit information that is secure. This includes banking info, CC numbers, login info etc. As for getting by IP bans etc. using a proxy, that's very easy to stop. Scan common proxy ports on all incoming connections and refuse the connection if one of those ports is open. IRC servers commonly do this and will auto-gline any such IPs. Some web servers have this functionality as well. -- DSLR security chat at us.ausirc.net channel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com |
|
 jp10558 Premium join:2005-06-24 Willseyville, NY
| reply to Daniel Tor isn't designed for security - it's designed for anonymity. You should still use SSL for secured connections to the endpoint webpage.
Otherwise, this is no less secure than a direct connection to the net, however it does make it more difficult to trace you. -- Opera 8.02(Build 7680); Windows XP Pro SP2;Athlon 64 3400+; 1GB PC3200 DDR; 1M/128k DSL; NOD32(Version 2.5.25); Sygate Pro 5.5(Build 2637);Proxomitron 4.5j Grypen 7/26/05(Opera mod),GPG ID:0x0A1C6EE3 |
|
  Daniel Premium,MVM join:2000-06-26 Pleasanton, CA clubs: 
| reply to novaflare
said by novaflare :
I'm talking about a script kiddie making a hacked version of Tor to steal personal information and why no proxies should ever be used to transmit information that is secure.

A hacked version of Tor? Tor is two things, software loaded onto a user's system that lets them use the network, and the network itself. If you propose that a cracker could write the former, then they still have to install it. If they can install it, then why not just install a rootkit? I'll assume you know why they can't make another version of the network.
said by novaflare :
This includes banking info, CC numbers, login info etc.

Use SSL for that. This project deals with hiding your source IP; it has nothing to do with the confidentiality of the data being moved.
said by novaflare :
As for getting by IP bans etc. using a proxy, that's very easy to stop. Scan common proxy ports on all incoming connections and refuse the connection if one of those ports is open.

And what if the server is firewalled? That's relying on the box answering new connection requests from random hosts -- something that isn't all that likely on a network set up for this sort of thing. You're confusing a misconfigured and/or cracked system running a proxy with a system designed to do precisely this.
-- dmiessler.com - grep understanding knowledge |
|
  EGeezer Summertime - Premium join:2002-08-04 Country!
·Callcentric
·RoadRunner Cable
·AT&T CallVantage
1 edit | reply to Daniel I think trusted and verified control points are the requirements for any such network. The Tor signup process is quite rudimentary with minimal qualification or verification of the applicant's legitimacy.
Once a rogue node is in place, it would seem the node operator would be free to trap and decrypt traffic at their leisure. Since no rootkits or other malware are on the user's system, detection at that point would not be possible through malware detection schemes.
I also wonder what would happen if a legitimate node were to be infected and owned. Since there's no way to verify the security practices of a node operator, there could be a "clueless user" volunteer's system being used as a sniffer or collector of information that could be brute-force decrypted to fish for goodies.
I think it's an interesting and possibly workable idea, but vetting those with control over the nodes and servers would be a must. They'll have to convince me that it's a trusted network with trusted components. In the meantime, I feel I'd be gaining anonymity only between me and the remote system I'm connecting to, but exposing myself to the operators and nodes of the transporting anonymizer system.
Keep up the discussion - I'm interested in the pros & cons.  -- Every Good Electrical Engineer Zeroes Each Register |
|
  Daniel Premium,MVM join:2000-06-26 Pleasanton, CA clubs: 
|
said by EGeezer :
Once a rogue node is in place, it would seem the node operator would be free to trap and decrypt traffic at their leisure.

Again, this is only an issue if the original traffic was unencrypted to begin with, which isn't a good idea (unless you don't care if someone reads it).
In short, if you want your data to be private, encrypt it. The Tor network just bounces whatever you send through its servers with additional encryption.
That being said, if a rogue Tor server was set up, what could it see? Well, if the user encrypted their data they'd simply see encrypted data from another Tor server. I see the benefits of this system being legion compared to any downsides -- especially since it's free. -- dmiessler.com - grep understanding knowledge |
|
  Daniel Premium,MVM join:2000-06-26 Pleasanton, CA clubs: 
| reply to EGeezer
said by EGeezer :
I also wonder what would happen if a legitimate node were to be infected and owned. Since there's no way to verify the security practices of a node operator, there could be a "clueless user" volunteer's system being used as a sniffer or collector of information that could be brute-force decrypted to fish for goodies.

I don't think so; my understanding is that these relays are blind; they're like Skype supernodes. It's a conduit for encrypted traffic moving through the network -- nothing more, nothing less.
While it'd not be good to have one of these systems compromised, I don't think it'd ruin the integrity of the entire network. -- dmiessler.com - grep understanding knowledge |
|
  novaflare The Dragon Was Here Premium join:2002-01-24 Barberton, OH
| reply to Daniel
said by Daniel :
said by EGeezer :
Once a rogue node is in place, it would seem the node operator would be free to trap and decrypt traffic at their leisure.

Again, this is only an issue if the original traffic was unencrypted to begin with, which isn't a good idea (unless you don't care if someone reads it). In short, if you want your data to be private, encrypt it. The Tor network just bounces whatever you send through its servers with additional encryption. That being said, if a rogue Tor server was set up, what could it see? Well, if the user encrypted their data they'd simply see encrypted data from another Tor server. I see the benefits of this system being legion compared to any downsides -- especially since it's free.

You're wrong there, Daniel. Traffic can be encrypted or decrypted, it doesn't matter. My POC page accepted and sent data fully encrypted to Hotmail and another test target (the one I was involved with finding a way to protect). The HTTPS was fully encrypted; I could not see the data that was sent over HTTPS in an unencrypted form. But the email submit add-on sent the data fully unencrypted to me. It also, with Hotmail, logged them in just fine; with the second target it gave an error 404 not found. URL was correct, nothing about proxy server etc., just a failed login. To the user it would seem like an "oh damn, the proxy I'm using is slowing down my connection" and they would simply at this point turn off the proxy. 'Course, by that time the damage is done.
Proxy as privacy, or to get to a site that's slow for you: fine, have at it. The privacy it gives is likely not really even there; the rerouting of your traffic to a hopefully faster route still applies and is useful. I do use proxies a lot for the second reason, to speed up my connection to some sites. Some of these sites need me to log in and I have to change my password every time while off the proxy when I'm done. But it's worth it. No proxy and I get .5 to 1KB dl on the Flash-heavy page; with proxy I get 80+KB. -- DSLR security chat at us.ausirc.net channel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com |
|
  Daniel Premium,MVM join:2000-06-26 Pleasanton, CA clubs: 
1 edit |
said by novaflare :
You're wrong there, Daniel. Traffic can be encrypted or decrypted, it doesn't matter.

Wrong about what? Are you saying that if SSL encrypted traffic moves through a compromised Tor server it can be broken? I don't think so. My point is simple, if your data's important -- encrypt it. No one here is saying we should depend on Tor for data confidentiality. -- dmiessler.com - grep understanding knowledge |
|
  Gelroos Mad Mage Premium join:2003-05-23 Wilmington, DE
| reply to novaflare A lot of this reminds me of trying to explain anonymous email using Mixmaster relays and eventual posting to newsgroups for retrieval. People just can't seem to realize that compromised nodes may be able to intercept and READ the data, but if the data is in a form that is UNREADABLE, then the data is useless to them. I can chain proxies and run a SSL tunnel thru several proxies, it may be slow, but the data will traverse the entire chain, ENCRYPTED, and then to the eventual target. If any of the proxies try to modify the communication the worst that will happen is an error/break in communications. They would have to break the SSL tunnel encryption to READ the data I am sending/receiving. If the website I am communicating with is using SSL, and it is set up right, and my client supports it, then barring decrypting the SSL tunnel, I am pretty secure. Secure enough for what I am using SSL for, if I need more encryption, I use it. -- The tree of liberty must be refreshed from time to time with the blood of patriots & tyrants. It is it's natural manure. The "Tree of Liberty" letter From Thomas Jefferson to William Smith |
|
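The point made in the post above (relays on the path can forward an encrypted, integrity-protected stream but cannot read it, and altering it only breaks the connection), as an added Python example that is not part of any post in this thread. It uses a constructed encrypt-then-MAC record (SHA-256 keystream plus HMAC) as a stand-in for TLS record protection, not TLS itself; every function name and the sample message are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Illustrative stream: SHA-256 in counter mode (stand-in for a real cipher).
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]

def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Client side: encrypt, then authenticate nonce + ciphertext."""
    nonce = os.urandom(16)
    stream = _keystream(enc_key, nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_record(enc_key: bytes, mac_key: bytes, record: bytes) -> bytes:
    """Server side: verify the tag before decrypting; reject on any change."""
    nonce, ct, tag = record[:16], record[16:-32], record[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("record failed integrity check: connection aborted")
    stream = _keystream(enc_key, nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, stream))

def honest_relay(record: bytes) -> bytes:
    # Forwards the bytes unchanged; it holds neither key.
    return record

def tampering_relay(record: bytes) -> bytes:
    # Flips one ciphertext bit in transit (byte 20 is past the 16-byte nonce).
    changed = bytearray(record)
    changed[20] ^= 0x01
    return bytes(changed)

def send_through(relays, enc_key: bytes, mac_key: bytes, plaintext: bytes):
    """Pass one sealed record along a chain of relays to the endpoint.

    Returns (plaintext recovered by the endpoint, bytes each relay observed).
    """
    record = seal(enc_key, mac_key, plaintext)
    observed = []
    for relay in relays:
        observed.append(record)   # what this relay could log
        record = relay(record)
    return open_record(enc_key, mac_key, record), observed

if __name__ == "__main__":
    ek, mk = os.urandom(32), os.urandom(32)
    msg = b"user=alice&password=constructed-secret"  # constructed sample
    received, seen = send_through([honest_relay] * 3, ek, mk, msg)
    print("endpoint received:", received)
    print("relay saw plaintext:", any(b"constructed-secret" in r for r in seen))
    try:
        send_through([honest_relay, tampering_relay], ek, mk, msg)
    except ValueError as err:
        print("tampering detected:", err)
```

The two keys stand for a session already negotiated with the real endpoint; in TLS that negotiation is authenticated by the server's certificate. The guarantee does not extend to a page fetched over plain HTTP.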
  Daniel Premium,MVM join:2000-06-26 Pleasanton, CA clubs:  | reply to Daniel Well said, Gelroos. |
|
  novaflare The Dragon Was Here Premium join:2002-01-24 Barberton, OH
| reply to Gelroos
said by Gelroos :
A lot of this reminds me of trying to explain anonymous email using Mixmaster relays and eventual posting to newsgroups for retrieval. People just can't seem to realize that compromised nodes may be able to intercept and READ the data, but if the data is in a form that is UNREADABLE, then the data is useless to them. I can chain proxies and run a SSL tunnel thru several proxies, it may be slow, but the data will traverse the entire chain, ENCRYPTED, and then to the eventual target. If any of the proxies try to modify the communication the worst that will happen is an error/break in communications. They would have to break the SSL tunnel encryption to READ the data I am sending/receiving. If the website I am communicating with is using SSL, and it is set up right, and my client supports it, then barring decrypting the SSL tunnel, I am pretty secure. Secure enough for what I am using SSL for, if I need more encryption, I use it.

And if the first hop in that chain happens to be compromised, then what? Don't say it can't or won't happen. I know it can and given time will. I mean really, how likely is it that game X with 3500 customers, who cannot buy it in a store locally and need to pay to download, would get their information stolen, all using the same and only proxy, that was a proxy set up to steal said info? Not very damn likely, highly unlikely in fact, yet it did happen. Once we managed to find a way to deny proxies from connecting to the server for shopping, we had those affected users take a survey. Of those 12 to 15 users, 6 found the proxy on a proxy list online; the rest were referred via private message on the game's forum by one of 3 people. Half the customers affected by the theft found it using Google and other engines. Maybe Tor is the greatest thing since sliced bread and maybe it will never be compromised in such a way as to ever affect anyone. But I ask you, why take a chance?
I'm not saying don't use Tor, but simply saying don't use it for any secure transactions online; don't ever log in to anything with it unless you're willing to turn it off and change your login info when leaving a secure site. The risk is too great. Yes, most banks have measures in place to keep you from being responsible for bogus charges, but take it from someone who has helped people with things like this: it's a big hassle in a lot of cases. Proxies for rerouting your connection, fine; for protecting you when posting on newsgroups, great, that's good too; but when going to sites requiring login it's a huge mistake; you could end up with a big surprise one day. -- DSLR security chat at us.ausirc.net channel #dslr_sec lets pack this channel open source dns server for *nix and windows »powerdns.com |
|