SlideShare a Scribd company logo

Anonymity Systems: Tor

Download as PPTX, PDF
A
antitree

This document provides an overview of anonymity systems like Tor, I2P, and Freenet. It describes how Tor works by passing data through proxies to provide anonymity. It also discusses who uses Tor, such as whistleblowers and journalists seeking privacy. The document outlines the Tor project's finances and how it is funded by various organizations. It concludes by covering some attacks against Tor like traffic analysis and compromising relay nodes.

Technology
1 of 25
Overview Anonymity systems Review of how Tor works Tor Project Inc. Helper tools and accessories Advanced Tor control Attack Vectors
Anonymity Systems JAP I2P Freenet Xerobank Botnets
Freenet Storage network p2p based Shares files on your system to other nodes Plausabile Deniability
I2P Opposing design of Tor UDP based Darknet design Java, Python, and C API’s Mixed routing based on packets Splits tunneling between upstream and downstream “Garlic Routing” – mix streams together to prevent traffic analysis Variable latency design
Tor Tor (not TOR) – previously stood for The Onion Router Provides a method of anonymity by passing data between proxies
Tor Network
Terminology Cell – your message Circuit – tunnel made up of relays Entry Node: first hop into the Tor network Exit Node: last hop before destination Relay Node: middle hop Bridge Node: nodes not listed in the Tor directory to evade filtering
Who’s Using Tor? Whistleblowers Wikileaks – runs hidden service Militaries field ops command and control using hidden services Chinese journalists and dissidents
Tor Project 501(c)(3) NFP Freely available Full spec and full documentation
Project Finances https://www.torproject.org/about/financials.html
Current Project Sponsors Federal Grant: International Program to Support Democracy Human Rights and Labor $632,189 International Broadcasting Bureau Voice of America, Radio Free Europe/Radio Liberty, Radio and TV Martí, Radio Free Asia, Radio Sawa/Alhurra TV $270,000 Stichting.Net Association of NFP’s in the Netherlands $38,279 Google: $29,083 ITT: $27,000 Other: $9,997 https://www.torproject.org/about/sponsors.html.en
Past Funders DARPA and Naval Research Labratory 2001-2006 EFF – 2004-2005
Tor Performance
Number of Relays
Number of Users
Tor Tools Torbutton Tor Browser Bundle Vidalia TorCheck Arm Tor-ramdisk Anthony G. Basile from Buffalo
Tor Control Port authenticate "“ extendcircuit 0 a,b,c,… extendcircuit 0 a,b seteventscirc setconfconfitem Mapaddress google.com=a.b Getconfconfitem Telnet to the control port Create custom circuits (long or short) Show live circuit information Change configuration on the fly Map a site to an exit node Reload a configuration
Attacks
Tor Passive Attack Vectors Traffic profiling – entry and exit analysis Cleartext exit node transmission Fingerprinting - OS, browser, configuration, activity Timing correlation Network partitioning End to end Size correlation
Tor Active Attack Vectors Compromised keys Malicious web servers Malicious Exit/Relay nodes DoS non-controlled nodes Timestamping and tagging Injecting or replacing unencrypted info Malicious Tor client
Tor Client Side Attacks DNS rebinding Disbanding attack – javascript, java, flash History disclosure Timezone information (partitioning)
Social Engineering Attacks Getting more traffic “Use my relay. I have huge tubes!” “Nick’s relay sucks” “I’ve added a feature to my node.” Replacement 687474703a2f2f7777772e726f63686573746572323630302e636f6d2f6861782f Partitioning “Don’t use servers from this country” “These servers are amazing!”
More Info www.torproject.org Metrics.torproject.org Blog.torproject.org Check.torproject.org @torproject

Recommended

Hacking Tor ( How does Tor work ?)
Hacking Tor ( How does Tor work ?)Hacking Tor ( How does Tor work ?)
Hacking Tor ( How does Tor work ?)
Saprative Jana
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion router
n|u - The Open Security Community
 
Onion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and AnonymityOnion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and Anonymity
anurag singh
 
Tor Presentation
Tor PresentationTor Presentation
Tor Presentation
Hassan Faraz
 
Introduction to anonymity network tor
Introduction to anonymity network torIntroduction to anonymity network tor
Introduction to anonymity network tor
Khaled Mosharraf
 
Tor
TorTor
Tor
Georgino Abboud
 
Tor browser
Tor browserTor browser
Tor browser
Akshit Arora
 
Onion protocol
Onion protocolOnion protocol
Onion protocol
Anshu Raj
 

Recommended

Hacking Tor ( How does Tor work ?)
Hacking Tor ( How does Tor work ?)Hacking Tor ( How does Tor work ?)
Hacking Tor ( How does Tor work ?)
Saprative Jana
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion router
n|u - The Open Security Community
 
Onion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and AnonymityOnion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and Anonymity
anurag singh
 
Tor Presentation
Tor PresentationTor Presentation
Tor Presentation
Hassan Faraz
 
Introduction to anonymity network tor
Introduction to anonymity network torIntroduction to anonymity network tor
Introduction to anonymity network tor
Khaled Mosharraf
 
Tor
TorTor
Tor
Georgino Abboud
 
Tor browser
Tor browserTor browser
Tor browser
Akshit Arora
 
Onion protocol
Onion protocolOnion protocol
Onion protocol
Anshu Raj
 
Tor
TorTor
Tor
anjalika sinha
 
Acpe 2014 Internet Anonymity Using Tor
Acpe 2014 Internet Anonymity Using TorAcpe 2014 Internet Anonymity Using Tor
Acpe 2014 Internet Anonymity Using Tor
Jack Maynard
 
Tor network seminar by 13504
Tor network seminar by 13504 Tor network seminar by 13504
Tor network seminar by 13504
Prashant Rana
 
TOR: The Onion Router
TOR: The Onion RouterTOR: The Onion Router
TOR: The Onion Router
Volodymyr Ostapiv
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion Router
Mohammed Bharmal
 
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
OWASP Delhi
 
The Onion Routing (TOR)
The Onion Routing (TOR)The Onion Routing (TOR)
The Onion Routing (TOR)
Amrit Khandelwal
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The Darknet
Ahmed Mater
 
TOR... ALL THE THINGS
TOR... ALL THE THINGSTOR... ALL THE THINGS
TOR... ALL THE THINGS
CrowdStrike
 
TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORK
Rishikese MR
 
Introduction to Tor
Introduction to TorIntroduction to Tor
Introduction to Tor
Jaskaran Narula
 
Tor Pivoting Networks Share
Tor Pivoting Networks Share Tor Pivoting Networks Share
Tor Pivoting Networks Share
Ricardo Robles, M.Eng.
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion routerAshly Liza
 
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...Tor - Using alternative networks to protect your online privacy, by Tobias Cl...
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...
Thoughtworks
 
Tor Network
Tor NetworkTor Network
Tor Network
Muhammad Jabir A C K
 
Encryption and decryption in TOR
Encryption and decryption in TOREncryption and decryption in TOR
Encryption and decryption in TOR
anjalika sinha
 
Anonymous Connections And Onion Routing
Anonymous Connections And Onion RoutingAnonymous Connections And Onion Routing
Anonymous Connections And Onion RoutingAli Habeeb
 
TOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersTOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying Markers
Brent Muir
 
Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...
Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...
Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...
Maurice Dawson
 
Tails os
Tails osTails os
Tails os
SADEED AMEEN
 
Programming Jargon
Programming JargonProgramming Jargon
Programming Jargon
Decisive
 
Font-End Hero
Font-End HeroFont-End Hero
Font-End Hero
Alessandro Lima
 

More Related Content

What's hot

Tor
TorTor
Tor
anjalika sinha
 
Acpe 2014 Internet Anonymity Using Tor
Acpe 2014 Internet Anonymity Using TorAcpe 2014 Internet Anonymity Using Tor
Acpe 2014 Internet Anonymity Using Tor
Jack Maynard
 
Tor network seminar by 13504
Tor network seminar by 13504 Tor network seminar by 13504
Tor network seminar by 13504
Prashant Rana
 
TOR: The Onion Router
TOR: The Onion RouterTOR: The Onion Router
TOR: The Onion Router
Volodymyr Ostapiv
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion Router
Mohammed Bharmal
 
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
OWASP Delhi
 
The Onion Routing (TOR)
The Onion Routing (TOR)The Onion Routing (TOR)
The Onion Routing (TOR)
Amrit Khandelwal
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The Darknet
Ahmed Mater
 
TOR... ALL THE THINGS
TOR... ALL THE THINGSTOR... ALL THE THINGS
TOR... ALL THE THINGS
CrowdStrike
 
TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORK
Rishikese MR
 
Introduction to Tor
Introduction to TorIntroduction to Tor
Introduction to Tor
Jaskaran Narula
 
Tor Pivoting Networks Share
Tor Pivoting Networks Share Tor Pivoting Networks Share
Tor Pivoting Networks Share
Ricardo Robles, M.Eng.
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion routerAshly Liza
 
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...Tor - Using alternative networks to protect your online privacy, by Tobias Cl...
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...
Thoughtworks
 
Tor Network
Tor NetworkTor Network
Tor Network
Muhammad Jabir A C K
 
Encryption and decryption in TOR
Encryption and decryption in TOREncryption and decryption in TOR
Encryption and decryption in TOR
anjalika sinha
 
Anonymous Connections And Onion Routing
Anonymous Connections And Onion RoutingAnonymous Connections And Onion Routing
Anonymous Connections And Onion RoutingAli Habeeb
 
TOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersTOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying Markers
Brent Muir
 

What's hot (18)

Tor
TorTor
Tor
 
Acpe 2014 Internet Anonymity Using Tor
Acpe 2014 Internet Anonymity Using TorAcpe 2014 Internet Anonymity Using Tor
Acpe 2014 Internet Anonymity Using Tor
 
Tor network seminar by 13504
Tor network seminar by 13504 Tor network seminar by 13504
Tor network seminar by 13504
 
TOR: The Onion Router
TOR: The Onion RouterTOR: The Onion Router
TOR: The Onion Router
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion Router
 
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
 
The Onion Routing (TOR)
The Onion Routing (TOR)The Onion Routing (TOR)
The Onion Routing (TOR)
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The Darknet
 
TOR... ALL THE THINGS
TOR... ALL THE THINGSTOR... ALL THE THINGS
TOR... ALL THE THINGS
 
TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORK
 
Introduction to Tor
Introduction to TorIntroduction to Tor
Introduction to Tor
 
Tor Pivoting Networks Share
Tor Pivoting Networks Share Tor Pivoting Networks Share
Tor Pivoting Networks Share
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion router
 
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...Tor - Using alternative networks to protect your online privacy, by Tobias Cl...
Tor - Using alternative networks to protect your online privacy, by Tobias Cl...
 
Tor Network
Tor NetworkTor Network
Tor Network
 
Encryption and decryption in TOR
Encryption and decryption in TOREncryption and decryption in TOR
Encryption and decryption in TOR
 
Anonymous Connections And Onion Routing
Anonymous Connections And Onion RoutingAnonymous Connections And Onion Routing
Anonymous Connections And Onion Routing
 
TOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersTOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying Markers
 

Viewers also liked

Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...
Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...
Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...
Maurice Dawson
 
Tails os
Tails osTails os
Tails os
SADEED AMEEN
 
Programming Jargon
Programming JargonProgramming Jargon
Programming Jargon
Decisive
 
Font-End Hero
Font-End HeroFont-End Hero
Font-End Hero
Alessandro Lima
 
Unleashed Power Behind The Myths: Pair Programming (CraftSummit15)
Unleashed Power Behind The Myths: Pair Programming (CraftSummit15)Unleashed Power Behind The Myths: Pair Programming (CraftSummit15)
Unleashed Power Behind The Myths: Pair Programming (CraftSummit15)
Lemi Orhan Ergin
 
Android Studio NDK(JNI) + OpenCV 完整教學
Android Studio NDK(JNI) + OpenCV 完整教學Android Studio NDK(JNI) + OpenCV 完整教學
Android Studio NDK(JNI) + OpenCV 完整教學
Wei-Xiang Wang
 
Let it crash! The Erlang Approach to Building Reliable Services
Let it crash! The Erlang Approach to Building Reliable ServicesLet it crash! The Erlang Approach to Building Reliable Services
Let it crash! The Erlang Approach to Building Reliable Services
Brian Troutwine
 
How TOR works?
How TOR works?How TOR works?
How TOR works?
Onkar Badiger
 
Personal Finance for Engineers (Stanford 2015)
Personal Finance for Engineers (Stanford 2015)Personal Finance for Engineers (Stanford 2015)
Personal Finance for Engineers (Stanford 2015)
Adam Nash
 
Programming != Writing Code
Programming != Writing CodeProgramming != Writing Code
Programming != Writing Code
Gustavo Cunha
 
Becoming a Better Programmer
Becoming a Better ProgrammerBecoming a Better Programmer
Becoming a Better Programmer
Pete Goodliffe
 
14180203 an-introduction-to-android
14180203 an-introduction-to-android14180203 an-introduction-to-android
14180203 an-introduction-to-android
Neha Jain
 
Introduction to Android and Android Studio
Introduction to Android and Android StudioIntroduction to Android and Android Studio
Introduction to Android and Android Studio
Suyash Srijan
 
Designing For Smarties
Designing For SmartiesDesigning For Smarties
Designing For Smarties
ReadWrite
 
To Swift 2...and Beyond!
To Swift 2...and Beyond!To Swift 2...and Beyond!
To Swift 2...and Beyond!
Scott Gardner
 
Sample seminar report
Sample seminar reportSample seminar report
Sample seminar reportFarman Khan
 

Viewers also liked (16)

Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...
Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...
Tails Linux Operating System: The Amnesiac Incognito System in Times of High ...
 
Tails os
Tails osTails os
Tails os
 
Programming Jargon
Programming JargonProgramming Jargon
Programming Jargon
 
Font-End Hero
Font-End HeroFont-End Hero
Font-End Hero
 
Unleashed Power Behind The Myths: Pair Programming (CraftSummit15)
Unleashed Power Behind The Myths: Pair Programming (CraftSummit15)Unleashed Power Behind The Myths: Pair Programming (CraftSummit15)
Unleashed Power Behind The Myths: Pair Programming (CraftSummit15)
 
Android Studio NDK(JNI) + OpenCV 完整教學
Android Studio NDK(JNI) + OpenCV 完整教學Android Studio NDK(JNI) + OpenCV 完整教學
Android Studio NDK(JNI) + OpenCV 完整教學
 
Let it crash! The Erlang Approach to Building Reliable Services
Let it crash! The Erlang Approach to Building Reliable ServicesLet it crash! The Erlang Approach to Building Reliable Services
Let it crash! The Erlang Approach to Building Reliable Services
 
How TOR works?
How TOR works?How TOR works?
How TOR works?
 
Personal Finance for Engineers (Stanford 2015)
Personal Finance for Engineers (Stanford 2015)Personal Finance for Engineers (Stanford 2015)
Personal Finance for Engineers (Stanford 2015)
 
Programming != Writing Code
Programming != Writing CodeProgramming != Writing Code
Programming != Writing Code
 
Becoming a Better Programmer
Becoming a Better ProgrammerBecoming a Better Programmer
Becoming a Better Programmer
 
14180203 an-introduction-to-android
14180203 an-introduction-to-android14180203 an-introduction-to-android
14180203 an-introduction-to-android
 
Introduction to Android and Android Studio
Introduction to Android and Android StudioIntroduction to Android and Android Studio
Introduction to Android and Android Studio
 
Designing For Smarties
Designing For SmartiesDesigning For Smarties
Designing For Smarties
 
To Swift 2...and Beyond!
To Swift 2...and Beyond!To Swift 2...and Beyond!
To Swift 2...and Beyond!
 
Sample seminar report
Sample seminar reportSample seminar report
Sample seminar report
 

Similar to Anonymity Systems: Tor

Tor
TorTor
Tor
antitree
 
Mr201304 open flow_security_eng
Mr201304 open flow_security_engMr201304 open flow_security_eng
Mr201304 open flow_security_engFFRI, Inc.
 
(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation
INSIGHT FORENSIC
 
Tor: How it works to keep you safe online. PhutureCon 2014
Tor: How it works to keep you safe online. PhutureCon 2014Tor: How it works to keep you safe online. PhutureCon 2014
Tor: How it works to keep you safe online. PhutureCon 2014
IceQUICK
 
Security defined routing_cybergamut_v1_1
Security defined routing_cybergamut_v1_1Security defined routing_cybergamut_v1_1
Security defined routing_cybergamut_v1_1
Joel W. King
 
osint + python: extracting information from tor network and darkweb
osint + python: extracting information from tor network and darkweb osint + python: extracting information from tor network and darkweb
osint + python: extracting information from tor network and darkweb
Jose Manuel Ortega Candel
 
Osnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptxOsnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptx
M.Qasim Arham
 
OpenFlow tutorial
OpenFlow tutorialOpenFlow tutorial
OpenFlow tutorial
openflow
 
Scratching Your Brain into Dark Web by Arpit Maheshwari
Scratching Your Brain into Dark Web by Arpit MaheshwariScratching Your Brain into Dark Web by Arpit Maheshwari
Scratching Your Brain into Dark Web by Arpit Maheshwari
OWASP Delhi
 
W4 profinet frame analysis, peter thomas
W4 profinet frame analysis, peter thomasW4 profinet frame analysis, peter thomas
W4 profinet frame analysis, peter thomas
PROFIBUS and PROFINET InternationaI - PI UK
 
Setiri : Advances in trojan technology
Setiri : Advances in trojan technologySetiri : Advances in trojan technology
Setiri : Advances in trojan technology
SensePost
 
Anomaly detection final
Anomaly detection finalAnomaly detection final
Anomaly detection finalAkshay Bansal
 
Network tunneling techniques
Network tunneling techniquesNetwork tunneling techniques
Network tunneling techniques
inbroker
 
internet protocols
internet protocolsinternet protocols
internet protocols
Srinivasa Rao
 
Anonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsAnonymity in the web based on routing protocols
Anonymity in the web based on routing protocols
Biagio Botticelli
 
Mesh IoT Networks Explained
Mesh IoT Networks ExplainedMesh IoT Networks Explained
Mesh IoT Networks Explained
GlobalLogic Ukraine
 
(120107) #fitalk anonymizing activities
(120107) #fitalk anonymizing activities(120107) #fitalk anonymizing activities
(120107) #fitalk anonymizing activities
INSIGHT FORENSIC
 
Using a VPN or and TOR by remmy nweke, fellow, cyber security policy defender
Using a VPN or and TOR by remmy nweke, fellow, cyber security policy defenderUsing a VPN or and TOR by remmy nweke, fellow, cyber security policy defender
Using a VPN or and TOR by remmy nweke, fellow, cyber security policy defender
Remmy Nweke, mNGE, mNUJ, mGOCOP
 

Similar to Anonymity Systems: Tor (20)

Tor
TorTor
Tor
 
class12_Networking2
class12_Networking2class12_Networking2
class12_Networking2
 
Mr201304 open flow_security_eng
Mr201304 open flow_security_engMr201304 open flow_security_eng
Mr201304 open flow_security_eng
 
(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation
 
Tor: How it works to keep you safe online. PhutureCon 2014
Tor: How it works to keep you safe online. PhutureCon 2014Tor: How it works to keep you safe online. PhutureCon 2014
Tor: How it works to keep you safe online. PhutureCon 2014
 
Security defined routing_cybergamut_v1_1
Security defined routing_cybergamut_v1_1Security defined routing_cybergamut_v1_1
Security defined routing_cybergamut_v1_1
 
osint + python: extracting information from tor network and darkweb
osint + python: extracting information from tor network and darkweb osint + python: extracting information from tor network and darkweb
osint + python: extracting information from tor network and darkweb
 
Firewall
FirewallFirewall
Firewall
 
Osnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptxOsnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptx
 
OpenFlow tutorial
OpenFlow tutorialOpenFlow tutorial
OpenFlow tutorial
 
Scratching Your Brain into Dark Web by Arpit Maheshwari
Scratching Your Brain into Dark Web by Arpit MaheshwariScratching Your Brain into Dark Web by Arpit Maheshwari
Scratching Your Brain into Dark Web by Arpit Maheshwari
 
W4 profinet frame analysis, peter thomas
W4 profinet frame analysis, peter thomasW4 profinet frame analysis, peter thomas
W4 profinet frame analysis, peter thomas
 
Setiri : Advances in trojan technology
Setiri : Advances in trojan technologySetiri : Advances in trojan technology
Setiri : Advances in trojan technology
 
Anomaly detection final
Anomaly detection finalAnomaly detection final
Anomaly detection final
 
Network tunneling techniques
Network tunneling techniquesNetwork tunneling techniques
Network tunneling techniques
 
internet protocols
internet protocolsinternet protocols
internet protocols
 
Anonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsAnonymity in the web based on routing protocols
Anonymity in the web based on routing protocols
 
Mesh IoT Networks Explained
Mesh IoT Networks ExplainedMesh IoT Networks Explained
Mesh IoT Networks Explained
 
(120107) #fitalk anonymizing activities
(120107) #fitalk anonymizing activities(120107) #fitalk anonymizing activities
(120107) #fitalk anonymizing activities
 
Using a VPN or and TOR by remmy nweke, fellow, cyber security policy defender
Using a VPN or and TOR by remmy nweke, fellow, cyber security policy defenderUsing a VPN or and TOR by remmy nweke, fellow, cyber security policy defender
Using a VPN or and TOR by remmy nweke, fellow, cyber security policy defender
 

More from antitree

Hardening ssh configurations
Hardening ssh configurationsHardening ssh configurations
Hardening ssh configurations
antitree
 
State of wifi_2016
State of wifi_2016State of wifi_2016
State of wifi_2016
antitree
 
Just Mouse Jack Init
Just Mouse Jack InitJust Mouse Jack Init
Just Mouse Jack Init
antitree
 
Introduction to ethereum_public
Introduction to ethereum_publicIntroduction to ethereum_public
Introduction to ethereum_public
antitree
 
Docker Security
Docker SecurityDocker Security
Docker Security
antitree
 
Reinventing anon email
Reinventing anon emailReinventing anon email
Reinventing anon email
antitree
 
0x20 hack
0x20 hack0x20 hack
0x20 hack
antitree
 
Laverna vs etherpad
Laverna vs etherpadLaverna vs etherpad
Laverna vs etherpad
antitree
 
Meek and domain fronting public
Meek and domain fronting publicMeek and domain fronting public
Meek and domain fronting public
antitree
 
Nsa and vpn
Nsa and vpnNsa and vpn
Nsa and vpn
antitree
 
Salander v bond 2600
Salander v bond 2600Salander v bond 2600
Salander v bond 2600
antitree
 
Salander v bond b sides detroit final v3
Salander v bond b sides detroit final v3Salander v bond b sides detroit final v3
Salander v bond b sides detroit final v3antitree
 
Pentesting embedded
Pentesting embeddedPentesting embedded
Pentesting embeddedantitree
 
Corporate Intelligence: Bridging the security and intelligence community
Corporate Intelligence: Bridging the security and intelligence communityCorporate Intelligence: Bridging the security and intelligence community
Corporate Intelligence: Bridging the security and intelligence community
antitree
 
28c3 in 15
28c3 in 1528c3 in 15
28c3 in 15antitree
 
Android Hacking
Android HackingAndroid Hacking
Android Hacking
antitree
 
Lock picking barcamp
Lock picking barcampLock picking barcamp
Lock picking barcamp
antitree
 
Lock picking 2600
Lock picking 2600Lock picking 2600
Lock picking 2600
antitree
 
Anti tree firesheep
Anti tree firesheepAnti tree firesheep
Anti tree firesheep
antitree
 
Image based automation
Image based automationImage based automation
Image based automation
antitree
 

More from antitree (20)

Hardening ssh configurations
Hardening ssh configurationsHardening ssh configurations
Hardening ssh configurations
 
State of wifi_2016
State of wifi_2016State of wifi_2016
State of wifi_2016
 
Just Mouse Jack Init
Just Mouse Jack InitJust Mouse Jack Init
Just Mouse Jack Init
 
Introduction to ethereum_public
Introduction to ethereum_publicIntroduction to ethereum_public
Introduction to ethereum_public
 
Docker Security
Docker SecurityDocker Security
Docker Security
 
Reinventing anon email
Reinventing anon emailReinventing anon email
Reinventing anon email
 
0x20 hack
0x20 hack0x20 hack
0x20 hack
 
Laverna vs etherpad
Laverna vs etherpadLaverna vs etherpad
Laverna vs etherpad
 
Meek and domain fronting public
Meek and domain fronting publicMeek and domain fronting public
Meek and domain fronting public
 
Nsa and vpn
Nsa and vpnNsa and vpn
Nsa and vpn
 
Salander v bond 2600
Salander v bond 2600Salander v bond 2600
Salander v bond 2600
 
Salander v bond b sides detroit final v3
Salander v bond b sides detroit final v3Salander v bond b sides detroit final v3
Salander v bond b sides detroit final v3
 
Pentesting embedded
Pentesting embeddedPentesting embedded
Pentesting embedded
 
Corporate Intelligence: Bridging the security and intelligence community
Corporate Intelligence: Bridging the security and intelligence communityCorporate Intelligence: Bridging the security and intelligence community
Corporate Intelligence: Bridging the security and intelligence community
 
28c3 in 15
28c3 in 1528c3 in 15
28c3 in 15
 
Android Hacking
Android HackingAndroid Hacking
Android Hacking
 
Lock picking barcamp
Lock picking barcampLock picking barcamp
Lock picking barcamp
 
Lock picking 2600
Lock picking 2600Lock picking 2600
Lock picking 2600
 
Anti tree firesheep
Anti tree firesheepAnti tree firesheep
Anti tree firesheep
 
Image based automation
Image based automationImage based automation
Image based automation
 

Recently uploaded

GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Neo4j
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 

Recently uploaded (20)

GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 

Anonymity Systems: Tor

  • 1.
  • 2. Overview Anonymity systems Review of how Tor works Tor Project Inc. Helper tools and accessories Advanced Tor control Attack Vectors
  • 3. Anonymity Systems JAP I2P Freenet Xerobank Botnets
  • 4. Freenet Storage network p2p based Shares files on your system to other nodes Plausabile Deniability
  • 5. I2P Opposing design of Tor UDP based Darknet design Java, Python, and C API’s Mixed routing based on packets Splits tunneling between upstream and downstream “Garlic Routing” – mix streams together to prevent traffic analysis Variable latency design
  • 6. Tor Tor (not TOR) – previously stood for The Onion Router Provides a method of anonymity by passing data between proxies
  • 8. Terminology Cell – your message Circuit – tunnel made up of relays Entry Node: first hop into the Tor network Exit Node: last hop before destination Relay Node: middle hop Bridge Node: nodes not listed in the Tor directory to evade filtering
  • 9. Who’s Using Tor? Whistleblowers Wikileaks – runs hidden service Militaries field ops command and control using hidden services Chinese journalists and dissidents
  • 10. Tor Project 501(c)(3) NFP Freely available Full spec and full documentation
  • 12. Current Project Sponsors Federal Grant: International Program to Support Democracy Human Rights and Labor $632,189 International Broadcasting Bureau Voice of America, Radio Free Europe/Radio Liberty, Radio and TV Martí, Radio Free Asia, Radio Sawa/Alhurra TV $270,000 Stichting.Net Association of NFP’s in the Netherlands $38,279 Google: $29,083 ITT: $27,000 Other: $9,997 https://www.torproject.org/about/sponsors.html.en
  • 13. Past Funders DARPA and Naval Research Labratory 2001-2006 EFF – 2004-2005
  • 17. Tor Tools Torbutton Tor Browser Bundle Vidalia TorCheck Arm Tor-ramdisk Anthony G. Basile from Buffalo
  • 18.
  • 19. Tor Control Port authenticate "“ extendcircuit 0 a,b,c,… extendcircuit 0 a,b seteventscirc setconfconfitem Mapaddress google.com=a.b Getconfconfitem Telnet to the control port Create custom circuits (long or short) Show live circuit information Change configuration on the fly Map a site to an exit node Reload a configuration
  • 21. Tor Passive Attack Vectors Traffic profiling – entry and exit analysis Cleartext exit node transmission Fingerprinting - OS, browser, configuration, activity Timing correlation Network partitioning End to end Size correlation
  • 22. Tor Active Attack Vectors Compromised keys Malicious web servers Malicious Exit/Relay nodes DoS non-controlled nodes Timestamping and tagging Injecting or replacing unencrypted info Malicious Tor client
  • 23. Tor Client Side Attacks DNS rebinding Disbanding attack – javascript, java, flash History disclosure Timezone information (partitioning)
  • 24. Social Engineering Attacks Getting more traffic “Use my relay. I have huge tubes!” “Nick’s relay sucks” “I’ve added a feature to my node.” Replacement 687474703a2f2f7777772e726f63686573746572323630302e636f6d2f6861782f Partitioning “Don’t use servers from this country” “These servers are amazing!”
  • 25. More Info www.torproject.org Metrics.torproject.org Blog.torproject.org Check.torproject.org @torproject