08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Tor project
1. Tor – The onion Router Research Paper
1 | P a g e
CYBER CELL SUMMER INTERNSHIP
GURUGRAM
June-July 2017
A PROJECT ON
“Tor – The Onion Router”
Under the supervision of -
Mr. Rakshit Tandon
Advisor, Cyber Cell Gurugram, Haryana Police
Presented by -
AAYUSH VARSHNEY
KNIT SULTANPUR
In Association With
2. Tor – The onion Router Research Paper
2 | P a g e
Acknowledgement
The success and outcome of this project required a lot of guidance and assistance from many
people and we are extremely fortunate to have got this throughout our internship. Whatever we
have done is only due to such guidance and assistance and we would like to thank them.
Mere words cannot adequately compensate for the immense help and exposure to cyber world so
profusely showered upon us by our mentor Mr Rakshit Tandon, our esteemed guest speakers and
friends in the entire term of our internship, yet we made an attempt.
We express our heartfelt gratitude towards our guide, Mr Rakshit Tandon, for his valuable support
towards the successful completion of our project. His childish rebuke, friendly attitude and
guidance, gave us encouragement to the head on the path of righteousness. Sir, we can say for sure
that the experience we gained here, is imprinted on our hearts and minds forever.
A special mention that we would like to make is of Mr Sandeep Khirwar (Commisioner of Police,
Gurugram), Ms Pankhuri (ACP Crime) and Gurugram Police, for providing us this facility and
platform where we were able to sharpen our skills.
We would also like to express our sincere gratitude towards the Paytm team, for supporting our
internship program.
A big thank you to INSP Anand Kumar (Haryana State Cyber Crime Branch) and INSP Sudhir
Kumar (S.H.O. Sec 40), our project lead/ in charge.
A mentor plays a very special role in someone’s life and during our term here we were exposed to
people of great valour. We would like to give them special thanks for awarding us with a part of
their valuable time and for sharing with us their knowledge.
We would also like to take this opportunity and thank all our colleagues for their valuable
assistance and support during the execution of this project work.
3. Tor – The onion Router Research Paper
3 | P a g e
Rakshit Tandon
Director Executive- Council of Information Security
Cell:+91-9760010017
Email : info@rakshittandon.com , rakshit@arinfosec.com
Website: www.rakshittandon.com, www.arinfosec.com
Facebook: /safe.surfing
Twitter: @ tandonrakshit
Linkedin: rakshittandon
Mr. Rakshit Tandon , Founder/Chairman of A & R Info Security Solutions Pvt Ltd, Cyber Security
Evangelist has experience of more than a decade in Security Domain. Chairing and part of various
Important Security Councils and Chapter. He is Director Executive - Council of Information Security
and Cyber Security Consultant to Internet and Mobile Association of India. Marked as Resource
Person/Faculty for Cyber Crime Investigations at BPRD (Bureau of Police Research and
Development) for Training Law Enforcement Officers across the Country. Member Advisory to
National Cyber Safety and Security Standards.
He in personal capacity has sensitized more than 1.8 million students on the issue of Cyber Safety
across the nation covering more than 24 states, 4 union territories. Played important role contributing
to Child Online Protection in India Report by UNICEF. Has been Non European Expert at European
Commission on Safer Internet in 2010.
Awarded with Karamveer Chakra by Rex Conclave 2015 and 2016 with Gold Karamveer Chakra .
Also awarded the Cyber Guru of the Year Award in 2015 by Government of Maharashtra.
He has been invited Nationally and International Conference on Cyber Security as Key Note Speaker
and Panellist. Faculty to Major Police Academies across the country like CBI academy, NEPA,
CDTS Ghaziabad-Chandigarh-Jaipur, PRTS Indore etc. Conducted Session with Australian Embassy,
European Union Delegation to India, United Nations Department of Safety and Security (UNDSS),
UN WFO, CII, FICCI etc.
4. Tor – The onion Router Research Paper
4 | P a g e
Introduction of TOR
Tor is an Internet networking protocol designed to secure the data
relayed across it. Using Tor's software will make it difficult, if not
impossible, for any snoops to see your webmail, search history, social
media posts or other online activity. They also won't be able to tell which
country you're in by analyzing your IP address, which can be very useful
for journalists, activists, businesspeople and more.
Tor is free software for enabling anonymous communication. The
name is derived from an acronym for the original software project name
"The Onion Router". Tor directs Internet traffic through a free,
worldwide, volunteer overlay network consisting of more than seven
thousand relays to conceal a user's location and usage from anyone
conducting network surveillance or traffic analysis. Using Tor makes it
more difficult for Internet activity to be traced back to the user: this
includes "visits to Web sites, online posts, instant messages, and other
communication forms". Tor's use is intended to protect the personal
privacy of users, as well as their freedom and ability to conduct
confidential communication by keeping their Internet activities from
being monitored.
5. Tor – The onion Router Research Paper
5 | P a g e
How does Tor work ?
The Tor network runs through the computer servers of thousands of volunteers (over
4,500 at time of publishing) spread throughout the world. Your data is bundled into an
encrypted packet when it enters the Tor network.
Then, unlike the case with normal Internet connections, Tor strips away part of the
packet's header, which is a part of the addressing information that could be used to learn
things about the sender such as the operating system from which the message was sent.
Finally, Tor encrypts the rest of the addressing information, called the packet
wrapper. Regular Internet connections don't do this.
The modified and encrypted data packet is then routed through many of these
servers, called relays, on the way to its final destination. The roundabout way packets travel
through the Tor network is akin to a person taking a roundabout path through a city to
shake a pursuer.
Each relay decrypts only enough of the data packet wrapper to know which relay
the data came from, and which relay to send it to next. The relay then rewraps the package
in a new wrapper and sends it on.
The layers of encrypted address information used to anonymize data packets sent
through Tor are reminiscent of an onion, hence the name. That way, a data packet's path
through the Tor network cannot be fully traced.
Some regular Internet data packets are encrypted using a protocol called Secure
Socket Layer (SSL) or its newer, stronger cousin Transport Layer Security (TLS). For
example, if you submit your credit card information to an online store, that information
travels across the network in an encrypted state to prevent theft.
However, even when you use SSL or TLS, it's still possible for others to intercept
those packets and see the information's metadata — who sent that encrypted information
and who received it — because the addressing wrappers in SSL or TLS are not encrypted.
In Tor, they are, which hides the sender and receiver of a given transmission.
Further, if you use the Tor Browser to visit a website that does not use encryption
to secure users' connections, then your data packet will not be encrypted when it makes the
final hop from the last Tor relay to the website's server. That's because the data packet's
destination lies outside the Tor network. So it's best to be sure that a website offers some
kind of SSL or TLS encryption, usually denoted by an "https" instead of simply "http" in
the Web address, before trying to access it anonymously.
6. Tor – The onion Router Research Paper
6 | P a g e
Owner information
The U.S. Naval Research Laboratory sponsored the development of
onion routing in the 1990s, and Tor itself was developed by Navy and
independent researchers in 2002.
Today, Tor's original creators continue to support and update the
protocol under the Tor Project, an independent, nonprofit organization that is
partly funded by various arms of the U.S. government.
The Tor protocol is open-source, meaning anyone can view the code
and incorporate it into their own software. The Tor protocol and its
implementation in the Tor Browser Bundle have also been extensively peer
reviewed, which means that many researchers have examined them to make
sure they offer the strongest possible security.
Initial release 20 September 2002
Stable release 0.3.0.9 (29 June 2017; 5 days ago)
Preview release 0.3.1.4-alpha (29 June 2017; 5 days ago)
Repository gitweb.torproject.org/tor.git
Development status Active
Written in C, Python, Rust
Operating system Microsoft Windows ,Unix-like (Android, Linux,
macOS)
Size 2–4 MB
Type Onion routing, Anonymity
License Original BSD
Website torproject.org
Founders Roger Dingledine & Nick Mathewson
Headquarters Cambridge, MA; Seattle, WA
Products Tor & Orbot
Executive Director Shari Steele
Revenue (2013) $2,872,929
Expenses (2013) $2,431,941
Mission To advance human rights and freedoms by creating
and deploying free and open anonymity and privacy
technologies, supporting their unrestricted availability
and use, and furthering their scientific and popular
understanding.
7. Tor – The onion Router Research Paper
7 | P a g e
Tor I.P. Bouncing
Step 1:-
Step 2:-
8. Tor – The onion Router Research Paper
8 | P a g e
Step 3:-
Step 4:-
9. Tor – The onion Router Research Paper
9 | P a g e
Step 5:-
Step 6:-
10. Tor – The onion Router Research Paper
10 | P a g e
What is TOR relay ?
Tor relays are also referred to as "routers" or "nodes." They receive traffic on
the Tor network and pass it along. Check out the Tor website for a more detailed
explanation of how Tor works.
There are three kinds of relays that you can run in order to help the Tor
network: middle relays, exit relays, and bridges.
For greater security, all Tor traffic passes through at least three relays before it
reaches its destination. The first two relays are middle relays which receive traffic
and pass it along to another relay. Middle relays add to the speed and robustness of
the Tor network without making the owner of the relay look like the source of the
traffic. Middle relays advertise their presence to the rest of the Tor network, so that
any Tor user can connect to them. Even if a malicious user employs the Tor network
to do something illegal, the IP address of a middle relay will not show up as the
source of the traffic. That means a middle relay is generally safe to run in your home,
in conjunction with other services, or on a computer with your personal files. See
our legal FAQ on Tor for more info.
An exit relay is the final relay that Tor traffic passes through before it reaches
its destination. Exit relays advertise their presence to the entire Tor network, so they
can be used by any Tor users. Because Tor traffic exits through these relays, the IP
address of the exit relay is interpreted as the source of the traffic. If a malicious user
employs the Tor network to do something that might be objectionable or illegal, the
exit relay may take the blame. People who run exit relays should be prepared to deal
with complaints, copyright takedown notices, and the possibility that their servers
may attract the attention of law enforcement agencies. If you aren't prepared to deal
with potential issues like this, you might want to run a middle relay instead. We
recommend that an exit relay should be operated on a dedicated machine in a hosting
facility that is aware that the server is running an exit node. The Tor Project blog has
these excellent tips for running an exit relay. See our legal FAQ on Tor for more info.
Bridges are Tor relays which are not publicly listed as part of the Tor network.
Bridges are essential censorship-circumvention tools in countries that regularly
block the IP addresses of all publicly listed Tor relays, such as China. A bridge is
generally safe to run in your home, in conjunction with other services, or on a
computer with your personal files.
11. Tor – The onion Router Research Paper
11 | P a g e
Onion Router
You can buy onion router directly from amazon.
Or from
www.anonabox.com
12. Tor – The onion Router Research Paper
12 | P a g e
Use of onion router
Access the deep web:-
Gain access to the estimated 35% of the
Internet’s search content not reachable via traditional search engines like
Google. Using Tor allows access to .Onion domains as well as access to tools
to help navigate this additional web content freely.
Anonymous wifi – tor: -
Connect to public WiFi networks using Tor to
help maintain your anonymity. The Tor network will effectively mask your IP
address making your Internet traffic harder to thumbprint. Fawkes and
Anonabox PRO offer customizable passwords and SSID (network names) for
added protection.
Stop remarketing Ads: -
Using Tor can limit marketers’ ability to
retarget you while browsing online, as often these ads are location specific.
Using Tor does not stop marketing efforts driven by browser history, cache or
cookies, so we recommend that you turn these features off as well.
Furthermore, the privacy afforded to Tor users deters big data collection efforts
helping to keep you safe from additional unwanted marketing efforts if your
browsing history/profile is ever sold.
Deter big data collection: -
Internet Service Providers, Search
Engines and Websites both have been shown to collect records of your search
terms, site visits, and in some cases username and passwords. While these
companies have claimed they anonymize all their data, this has in some cases
proven false. Protect yourself from these breaches of trust and the unscrupulous
actions of Big Data.
Wifi range extender: -
13. Tor – The onion Router Research Paper
13 | P a g e
The integral WiFi antenna can boost
your network signal up to 300 feet. All but the Original model can connect
wirelessly giving you ultimate flexibility in a small, cost-effective, and easy to
implement tool that can be put almost anywhere to beam your Internet signal
to the hardest to reach spots in your home or office. Utilize this feature whether
or not you’re using Tor and VPN services.
Deter hacker: -
VPN services allow users to specify
their general IP Address location providing a layer of anonymity. Pair this with
the security and encryption inherent with VPN services, users provide a large
barrier that would-be hackers would be forced to circumvent.
Bypass censorship: -
Many world governments as well as
local Internet network operators (work, school, local governments) often
restrict access to certain websites. Basic Internet functions we’ve come to
count on like Facebook, YouTube and Twitter are often not accessible. These
sites are just a few examples of the reduction of freedoms from censored
Internet.
Anonymous wifi – VPN: -
Connect to public WiFi networks using
a VPN to help maintain your anonymity. AVPN will allow you to specify your
IP address from a myriad of options. This altering of your true location helps
make your Internet traffic harder to thumbprint. Tunneler by Anonabox and
Anonabox PRO have wireless connectivity and offer customizable passwords
and SSID (network names) for added protection.
Keep location secret: -
An IP address can be identifiable to an
individual city, and often specific neighborhoods, putting Internet users at risk
of exposing their physical location even while doing otherwise mundane
activities. Especially of concern for younger Internet users who may not yet be
14. Tor – The onion Router Research Paper
14 | P a g e
able to quickly identify untrustworthy situations, Tor will effectively mask
your IP address making your Internet traffic harder to thumbprint and private.
Online browsing privacy: -
Routing your browsing traffic over
Tor can provide you with a private browsing experience. Users should avoid
websites requiring personally identifiable information (usernames and
passwords), as the Tor network will not encrypt your traffic. But it will
effectively mask your IP address, which certainly aids those wishing to browse
the Internet in privacy.
Onion hosting: -
Onion hosted websites are part of the
35% of search results that are not accessible via traditional search engines like
Google. .Onion hosted websites are only accessible when using Tor. The true
breadth of content accessible via Tor is beyond scope. Often described as the
last frontier of freedom on the Internet, the content on the Deep Web is highly
varied and of endless interest to the generally curious, oppressed, activists and
whistleblowers alike.
Tunnel location: -
VPN services allow users to specify
their general IP Address location. This is especially useful for those needing to
access location-specific content or bypass censorship. Planning on traveling
abroad and want to search for local points of interest? Set your VPN
accordingly and search as a local would. Learn more about VPNs HERE.
How to ensure privacy on TOR ?
1. Use Tor Browser
Tor does not protect all of your computer's Internet traffic when you run it.
Tor only protects your applications that are properly configured to send their
Internet traffic through Tor. To avoid problems with Tor configuration, we
strongly recommend you use the Tor Browser. It is pre-configured to protect
your privacy and anonymity on the web as long as you're browsing with Tor
Browser itself. Almost any other web browser configuration is likely to be
unsafe to use with Tor.
15. Tor – The onion Router Research Paper
15 | P a g e
2. Don't torrent over Tor
Torrent file-sharing applications have been observed to ignore proxy settings
and make direct connections even when they are told to use Tor. Even if your
torrent application connects only through Tor, you will often send out your
real IP address in the tracker GET request, because that's how torrents work.
Not only do you deanonymize your torrent traffic and your other simultaneous
Tor web traffic this way, you also slow down the entire Tor network for
everyone else.
3. Don't enable or install browser plugins
Tor Browser will block browser plugins such as Flash, RealPlayer, Quicktime,
and others: they can be manipulated into revealing your IP address. Similarly,
we do not recommend installing additional addons or plugins into Tor
Browser, as these may bypass Tor or otherwise harm your anonymity and
privacy.
4. Use HTTPS versions of websites
Tor will encrypt your traffic to and within the Tor network, but the encryption
of your traffic to the final destination website depends upon on that website.
To help ensure private encryption to websites, Tor Browser includes HTTPS
Everywhere to force the use of HTTPS encryption with major websites that
support it. However, you should still watch the browser URL bar to ensure
that websites you provide sensitive information to display a blue or green
URL bar button, include https:// in the URL, and display the proper expected
name for the website. Also see EFF's interactive page explaining how Tor and
HTTPS relate.
5. Don't open documents downloaded through Tor while online
Tor Browser will warn you before automatically opening documents that are
handled by external applications. DO NOT IGNORE THIS WARNING.
You should be very careful when downloading documents via Tor (especially
DOC and PDF files, unless you use the PDF viewer that's built into Tor
Browser) as these documents can contain Internet resources that will be
downloaded outside of Tor by the application that opens them. This will reveal
your non-Tor IP address. If you must work with DOC and/or PDF files, we
strongly recommend either using a disconnected computer, downloading the
16. Tor – The onion Router Research Paper
16 | P a g e
free VirtualBox and using it with a virtual machine image with networking
disabled, or using Tails. Under no circumstances is it safe to use BitTorrent
and Tor together, however.
6. Use bridges and/or find company
Tor tries to prevent attackers from learning what destination websites you
connect to. However, by default, it does not prevent somebody watching your
Internet traffic from learning that you're using Tor. If this matters to you, you
can reduce this risk by configuring Tor to use a Tor bridge relay rather than
connecting directly to the public Tor network. Ultimately the best protection
is a social approach: the more Tor users there are near you and the more
diverse their interests, the less dangerous it will be that you are one of them.
Convince other people to use Tor, too!
17. Tor – The onion Router Research Paper
17 | P a g e
Configuring other browsers in TOR
network
Any other browser can be configured in tor
network.
18. Tor – The onion Router Research Paper
18 | P a g e
SCREENSHOTS
Note : These screenshots are directly taken from tor browser on deep-web for educational purposes only under
the guidance of MR. RAKSHIT TANDON (Cyber Security Expert).
Home window of tor browser.
In this screenshot a lot of .zip files are available. These all store special materials like
some store different country’s passport, website dumbs, application database, etc.
19. Tor – The onion Router Research Paper
19 | P a g e
Fake DRIVING LICENCE .psd file
20. Tor – The onion Router Research Paper
20 | P a g e
Account Number and complete information
Easy buying of GUNS
21. Tor – The onion Router Research Paper
21 | P a g e
LICENSE CLASS E psd file
RED Room
22. Tor – The onion Router Research Paper
22 | P a g e
CHEAP bitcoin purchases of iphones
23. Tor – The onion Router Research Paper
23 | P a g e
Pornography & Red Room screenshots
24. Tor – The onion Router Research Paper
24 | P a g e
THANK YOU