A darknet (or dark net) is any overlay network that can be accessed only with specific software, configurations, or authorization, often using non-standard communications protocols and ports. Two typical darknet types are friend-to-friend networks (usually used for file sharing with a peer-to-peer connection)and privacy networks such as Tor.
2. Contents :
The iceberg illustration.
Internet – World Wide Web.
How Search Engines work.
Indexing and the Visible Web.
Indexing and the Invisible Web.
Content found on the Invisible Web.
The Invisible Web.
INFOGRAPHIC: Networks form Deep Web.
Why go for Darknet?
Going to the Dark Land.
3. Contents :
What is TOR.
How does TOR works.
The Onion Routing – Working.
News Splash.
The I2P : Invisible Internet Project.
Silk Road.
BitCoin.
Tard’s Library.
What is SHODAN?
How SHODAN Searches.
4. Contents :
Legality.
Tour of SHODAN.
Narrowing the search.
What SHODAN finds.
Advantages
You might be deeply vulnerable.
Future scope.
Directories to search the invisible web.
References
6. INTERNET – WORLD WIDE WEB
VISIBLE WEB
INVISIBLE WEB
All information that cannot be indexed using general web search engines.
Also known as the deep internet, deepnet, or the hidden web
(INDEXED)
(UNINDEXED)
8. Indexing & the Visible Web
Search engine spider crawls Web starting
with already indexed seed URL’s
Spider encounters link to
a new Web page
Spider follows link
Spider adds new Web page to search engine’s index
Content rendered “visible”
Webmaster registers
new static Web page
with search engine
9. Indexing & the Invisible Web
Spider encounters database
Query is required to access “dynamic” data
Spider incapable of generating query
Spider stops and cannot index data in database
Content rendered “invisible”
Spider crawls Web starting with
already indexed seed URL’s
10. Content Found On The Invisible Web
Webpages with no links on them, called disconnected pages.
Password protected webpages.
Webpages generated from databases.
Dynamically generated webpages.
Webpages that require a registration form to access.
Webpages with non-html text, or any coding that a spider program can not
understand.
Other types of Invisible Web Contents include very recent static pages
which haven’t yet been indexed.
11. The Invisible Web
Database
Your search results
Author Title
Publication
Searching
Smarter
Wisconsin
Lawyer
J. Doe Common
Law
Marquette
Law Review
B. Shucha
1. B. Shucha, “Searching Smarter,”
Wisconsin Lawyer.
2. J.Q. Public, “Legal Tech Tips,”
ABA Journal.
J.Q. Public Legal
Tech Tips
ABA
Journal
Dynamic Web Page
14. Why go for darknet..?
Internet surveillance like traffic analysis reveals users privacy.
NSA: PRISM
Encryption does not work, since packet headers still reveal a great deal
about users.
End-to-end anonymity is needed.
Solution: a distributed, anonymous network
15. Going to the dark land…
THE onion network (TOR)
The garlic network –I2P
Search Engines: SHODAN
16. What is Tor
Tor is a distributed anonymous communication service
using an overlay network that allows people and groups
to improve their privacy and security on the Internet.
Individuals use Tor to keep websites from tracking them,
or to connect to those internet services blocked by their
local Internet providers.
Tor's hidden services let users publish web sites and
other services without needing to reveal the location of
the site.
18. How Tor Works? --- Onion Routing
Alice Bob
OR2
OR1
M
√M
A circuit is built incrementally one hop by one hop
Onion-like encryption
Alice negotiates an AES key with each router
Messages are divided into equal sized cells
Each router knows only its predecessor and successor
Only the Exit router (OR3) can see the message, however it does
not know where the message is from
M
OR3
M
C1 C2
C2 C3
C3 Port
20. What is I2P?
I2P stands for Invisible Internet Project.
An anonymizing P2P network providing end to end encryption*.
Utilizes decentralized structure to protect the identity of both the sender
and receiver.
It is built for use with multiple applications including email, torrents, web
browsing, IM and more.
UDP based (unlike Tor’s TCP streams)
There exists more like MAIDSAFE ,MALESTORM,ZERONET, and many
more bitorrent based networks in internet.
21. This is an example of one of the many online black markets. This one did not require a
paid membership. There are many different ways to spend bit coins, such as on apparel,
money transfers, drugs, books, and even digital goods.
22. Oops.. No Barter Here
A digital currency that is created and exchanged independently of any
government or bank. The currency is generated through a computer
program and can be converted into cash after being deposited into virtual
wallets.
-Participants begin using Bitcoin by first acquiring a Bitcoin wallet and
one or more Bitcoin addresses. Bitcoin addresses are used for receiving
Bitcoins, similar to how e-mail addresses are used for receiving e-mail.
23. This is an example of someone’s own personal page, with content picked out due to it’s
controversial nature. Here you can find anything from banned readings, to trefelling.
There is content on making one’s own explosives, and many different military type
documents and guidebooks.
24. Another scholarly database, this .onion site is a compilation of financial, business, real
estate, and even marketing tools and texts free to anyone who wants to download them.
The Deep Web is a great archive for educational material.
25. What is Shodan?
Search engine
http://www.shodan.io/
Finds anything connected to the internet
Named after AI in System Shock 2 (1999)
“Sentient Hyper-Optimized
Data Access Network “
Developed by John Matherly.
Went live in 2009
Currently indexes over 500 million
connected devices monthly
10,000 Industrial Control Systems
26. What is Shodan?
Rather than to locate specific content on a particular search term,
SHODAN is designed to help the user find specific
nodes (desktops, servers, routers, switches, etc.) with specific content in
their banners
Optimizing search results requires some basic knowledge of banners.
27. How Shodan Searches
Web search engines index websites
Shodan indexes metadata and banners
Port 21/TCP (FTP)
Port 22/TCP (SSH)
Port 23/TCP (Telnet)
Port 80/TCP (HTTP)
“Tell me what you can tell me about yourself.”
28. Legality
Publicly available data
“public” in that it is unprotected
“Once that data is made public…it’s unclear whether it’s still protected by
data security laws.” – John Matherly
32. What Shodan Finds
Cameras
Webcams
Security cameras
Home security systems
Printers
Refrigerators
Caterpillar tractor control panels
Medical Devices
Car Washes
Hospital fetal monitoring
Critical infrastructure
(water, sewage, dams,
Automobile assembly lines
High School lighting systems
HVAC
Power Dam
Baby Monitors
Traffic Control Systems
34. Advantages
Dynamic content
Unlinked content
Private Web
Limited access content
Scripted content
Non-HTML/text content
Text content using the Gopher protocol and files hosted on FTP that
are not indexed by most search engines. Engines such as Google do
not index pages outside of HTTP or HTTPS.
35. You might be deeply vulnerable…
If you decide to look into the Deep Web on your own volition, make sure to
be careful.
-Have anti-virus protection.
-Be intelligent about what links you click. The Deep Web is a haven for
Phishers.
-If you don’t want to see any disturbing images or content, simply
browse as text-only.
37. Directories to search the
Invisible Web
Big Hub
http://www.thebighub.com/
Complete Planet: The Deep Web Directory
70,000 searchable databases and specialty search engines
http://www.completeplanet.com
Digital Librarian: A Librarian’s Choice of the Best of the Web
www.digital-librarian.com
38. References
1. Wikipedia,
http://en.wikipedia.org/wiki/Deep_web
2. Bergman, Michael K , "The Deep Web: Surfacing Hidden Value". The
Journal of Electronic Publishing , August 2001
3. Alex Wright, "Exploring a 'Deep Web' That Google Can’t Grasp". The New
York Times. Sept 23, 2009.
http://www.nytimes.com/2009/02/23/technology/internet/23search.html?th
&emc=th
4. Jesse Alpert & Nissan Hajaj, “We knew the web was big…”, 2008
http://googleblog.blogspot.com/2008/07/we-knew-web-was-big.html
39. References
Bergman, Michael K. “The Deep Web: Surfacing Hidden Value.”
http://www.beta.brightplanet.com/deepcontent/tutorials/DeepWeb/index.asp (8 November 2004).
Cadwallader, Joy. “Searching the Invisible Web.”
http://www.inf.aber.ac.uk/academicliaison/internet/invisible.asp (4 November 2004).
Chillingworth, Mark. “Internet archive to build alternative to Google.” Information World.
http://www.iwr.co.uk/IWR/1160176. (30 December 2004).
Cohen, Laura. “How to Choose a Search Engine or Directory.”
http://library.albany.edu/internet/choose.html (4 November 2004).
“Does Google move augur commericalization of libraries?”
http://www.freep.com/news/statewire/sw108716_20041214.htm (15 December 2004).
Grimes, Brad. “Expand your Web search horizons: six tips for finding the info you want by
searching hidden corners of the Web.” PC World. June, 2002.
“Invisible Web: What it is, Why it exists, How to find it, and Its inherent ambiguity.”
http://www.lib.berkeley.edu/TeachingLib/Guides/Internet/InvisibleWeb.html (4 November 2004).
Lessig, Lawrence. “Let a Thousand Googles Bloom.”
http://www.latimes.com/news/opinion/commentary/la-oe-lesig12Jan12,1,1292618.story?ctrack=1
(13 January 2005).
McLaughlin, Laurianne. “Beyond Google: the web is so full of useful info that no search engine can
find it all. But a multitude of specialty sites deliver shopping advice, reference databases, leisure-
time ideas, and more – fast.” PC World. April, 2004.