Tor

Presentation given in 2010 about Tor, attack vectors, and advanced usage.

Published in: Technology

  1. Overview
     • Anonymity systems
     • Review of how Tor works
     • Tor Project Inc.
     • Helper tools and accessories
     • Advanced Tor control
     • Attack Vectors
  2. Anonymity Systems
     • JAP
     • I2P
     • Freenet
     • Xerobank
     • Botnets
  3. Freenet
     • Storage network
     • p2p based
     • Shares files on your system to other nodes
     • Plausible deniability
  4. I2P
     • Opposing design of Tor
     • UDP based
     • Darknet design
     • Java, Python, and C APIs
     • Mixed routing based on packets
     • Splits tunneling between upstream and downstream
     • “Garlic Routing” – mix streams together to prevent traffic analysis
     • Variable latency design
  5. Tor
     • Tor (not TOR) – previously stood for The Onion Router
     • Provides a method of anonymity by passing data between proxies
  6. Tor Network
  7. Terminology
     • Cell – your message
     • Circuit – tunnel made up of relays
     • Entry Node: first hop into the Tor network
     • Exit Node: last hop before destination
     • Relay Node: middle hop
     • Bridge Node: nodes not listed in the Tor directory to evade filtering
  8. Who’s Using Tor?
     • Whistleblowers
       - Wikileaks – runs hidden service
     • Militaries
       - field ops
       - command and control using hidden services
     • Chinese journalists and dissidents
  9. Tor Project
     • 501(c)(3) NFP
     • Freely available
     • Full spec and full documentation
  10. Project Finances
     • https://www.torproject.org/about/financials.html
  11. Current Project Sponsors
     • Federal Grant:
       - International Program to Support Democracy Human Rights and Labor
       - $632,189
     • International Broadcasting Bureau
       - Voice of America, Radio Free Europe/Radio Liberty, Radio and TV Martí, Radio Free Asia, Radio Sawa/Alhurra TV
       - $270,000
     • Stichting.Net
       - Association of NFPs in the Netherlands
       - $38,279
     • Google: $29,083
     • ITT: $27,000
     • Other: $9,997
     • https://www.torproject.org/about/sponsors.html.en
  12. Past Funders
     • DARPA and Naval Research Laboratory 2001-2006
     • EFF – 2004-2005
  13. Tor Performance
  14. Number of Relays
  15. Number of Users
  16. Tor Tools
     • Torbutton
     • Tor Browser Bundle
     • Vidalia
     • TorCheck
     • Arm
     • Tor-ramdisk
       - Anthony G. Basile from Buffalo
  17. Tor Control Port
     • Telnet to the control port
       - authenticate ""
     • Create custom circuits (long or short)
       - extendcircuit 0 a,b,c,…
       - extendcircuit 0 a,b
     • Show live circuit information
       - setevents circ
     • Change configuration on the fly
       - setconf confitem
     • Map a site to an exit node
       - mapaddress google.com=a.b
     • Reload a configuration
       - getconf confitem
  18. Attacks
  19. Tor Passive Attack Vectors
     • Traffic profiling – entry and exit analysis
     • Cleartext exit node transmission
     • Fingerprinting - OS, browser, configuration, activity
     • Timing correlation
     • Network partitioning
     • End to end
     • Size correlation
  20. Tor Active Attack Vectors
     • Compromised keys
     • Malicious web servers
     • Malicious Exit/Relay nodes
     • DoS non-controlled nodes
     • Timestamping and tagging
     • Injecting or replacing unencrypted info
     • Malicious Tor client
  21. Tor Client Side Attacks
     • DNS rebinding
     • Disbanding attack – javascript, java, flash
     • History disclosure
     • Timezone information (partitioning)
  22. Social Engineering Attacks
     • Getting more traffic
       - “Use my relay. I have huge tubes!”
       - “Nick’s relay sucks”
       - “I’ve added a feature to my node.”
     • Replacement
       - 687474703a2f2f7777772e726f63686573746572323630302e636f6d2f6861782f
     • Partitioning
       - “Don’t use servers from this country”
       - “These servers are amazing!”
  23. More Info
     • www.torproject.org
     • Metrics.torproject.org
     • Blog.torproject.org
     • Check.torproject.org
     • @torproject
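
A monitoring view of the control-port commands on slide 17, added here as an example and not taken from the presentation: after "authenticate" and "setevents circ", Tor streams "650 CIRC" lines, and this script parses them to flag built circuits shorter than the usual three hops, the kind "extendcircuit 0 a,b" produces. The event lines, fingerprints and nicknames are constructed, and the function names are assumptions of this example.

```python
import re

# Constructed fingerprints (40 hex chars) and nicknames; not real relays.
A, B, C = ("A" * 40, "B" * 40, "C" * 40)
SAMPLE_EVENTS = f"""\
250 OK
650 CIRC 5 BUILT ${A}~dirA BUILD_FLAGS=ONEHOP_TUNNEL,IS_INTERNAL PURPOSE=GENERAL
650 CIRC 7 LAUNCHED BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
650 CIRC 7 EXTENDED ${A}~relayA BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
650 CIRC 7 BUILT ${A}~relayA,${B}~relayB,${C}~relayC BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL
650 CIRC 9 BUILT ${A}~relayA,${B}~relayB PURPOSE=GENERAL
650 CIRC 9 CLOSED ${A}~relayA,${B}~relayB PURPOSE=GENERAL REASON=REQUESTED
""".splitlines()

CIRC_RE = re.compile(r"^650 CIRC (\w+) ([A-Z_]+)(?: (.*))?$")
FIELD_RE = re.compile(r"^([A-Z_]+)=(.*)$")

def parse_circ_event(line):
    """Parse one asynchronous '650 CIRC' line; return None for anything else."""
    m = CIRC_RE.match(line.strip())
    if m is None:
        return None
    circ_id, status, rest = m.groups()
    path, fields = [], {}
    for pos, token in enumerate((rest or "").split(" ")):
        kv = FIELD_RE.match(token)
        if kv:
            fields[kv.group(1)] = kv.group(2)
        elif pos == 0 and token:
            # Hops look like $FINGERPRINT~nickname; keep the nickname if present.
            path = [re.split(r"[~=]", hop)[-1] for hop in token.split(",")]
    return {"id": circ_id, "status": status, "path": path, "fields": fields}

def short_circuits(lines, min_hops=3):
    """Return {circuit_id: path} for BUILT circuits with fewer than min_hops
    relays, ignoring the one-hop directory tunnels Tor builds for itself."""
    flagged = {}
    for line in lines:
        ev = parse_circ_event(line)
        if ev is None or ev["status"] != "BUILT":
            continue
        flags = ev["fields"].get("BUILD_FLAGS", "").split(",")
        if "ONEHOP_TUNNEL" not in flags and len(ev["path"]) < min_hops:
            flagged[ev["id"]] = ev["path"]
    return flagged

if __name__ == "__main__":
    for circ_id, path in short_circuits(SAMPLE_EVENTS).items():
        print(f"circuit {circ_id}: only {len(path)} hop(s): {' -> '.join(path)}")
```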
