Bruce Maggs relying on materials from

Slides:

Advertisements

Similar presentations

Tor: The Second-Generation Onion Router

Advertisements

A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.

Security Awareness: Applying Practical Security in Your World

By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.

Firewalls and VPNS Team 9 Keith Elliot David Snyder Matthew While.

Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.

0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S

Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.

Aaron Johnson U.S. Naval Research Laboratory CSci 6545 George Washington University 11/18/2013.

Tor (Anonymity Network) Scott Pardue. Tor Network  Nodes with routers within the network (entry, middle, exit)  Directory servers  Socket Secure (SOCKS)

1 Lies, damn lies and Web statistics A brief introduction to using and abusing web statistics Paul Smith, ILRT July 2006.

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

Tunneling and Securing TCP Services Nathan Green.

MIS Week 13 Site:

Overview  Anonymity systems  Review of how Tor works  Tor Project Inc.  Helper tools and accessories  Advanced Tor control  Attack Vectors.

The Silk Road: An Online Marketplace

Traffic Correlation in Tor Source and Destination Prediction PETER BYERLEY RINDAL SULTAN ALANAZI HAFED ALGHAMDI.

Tor Bruce Maggs relying on materials from

SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.

Tor Bruce Maggs relying on materials from

1 Anonymity. 2 Overview  What is anonymity?  Why should anyone care about anonymity?  Relationship with security and in particular identification 

Lecture 9 Page 1 CS 236 Online Firewalls What is a firewall? A machine to protect a network from malicious external attacks Typically a machine that sits.

Polytechnic University Firewall and Trusted Systems Presented by, Lekshmi. V. S cos

Systems Architecture Anonymous Key Agreement Dominik Oepen

Secure HTTP (HTTPS) Pat Morin COMP 2405.

Anonymous Internet Protocols

Contents Software components All users in one location:

anonymous routing and mix nets (Tor)

Onions and Garlic: the protocols of I2P

Firewall Techniques Matt Cupp.

NET 536 Network Security Firewalls and VPN

CS590B/690B Detecting Network Interference (Fall 2016)

Security in the layers 8: Network Security.

The Onion Router Hao-Lun Hsu

Intro to Ethical Hacking

Network Address Translation

Tor Internals and Hidden Services

Computer Data Security & Privacy

Prepared By : Pina Chhatrala

Domain 4 – Communication and Network Security

Practical Censorship Evasion Leveraging Content Delivery Networks

Anonymous Communication

Digital Forensics 2 Presented by : J.Silaa Lecture: FCI 30 Aug 2017

Intro to Ethical Hacking

IPSec VPN Chapter 13 of Malik.

Christo Wilson Revised 8/21/15

6.6 Firewalls Packet Filter (=filtering router)

2018 Real Cisco Dumps IT-Dumps

Exercise ?: TOR.

Privacy Through Anonymous Connection and Browsing

Server-to-Client Remote Access and DirectAccess

0x1A Great Papers in Computer Security

SSH SSH is “Secure SHell” Secure, compressed, widely supported, fast

Firewalls Routers, Switches, Hubs VPNs

Anonymous Communication

Alex Guy packets (stars) tor routers users web servers (squares)

Firewalls By conventional definition, a firewall is a partition made

Firewalls Jiang Long Spring 2002.

دیواره ی آتش.

Quiz 1 Post-Mortem Bruce Maggs.

Anonymity (Privacy) Suppose you are surfing the Web.

Install AD Certificate Services

Introduction to Network Security

Anonymous Communications

Bruce Maggs relying on materials from

Anonymous Communication

Bruce Maggs relying on materials from

Anonymous Communication

Hosted Security.

Presentation transcript:

Bruce Maggs relying on materials from http://www.torproject.org Tor Bruce Maggs relying on materials from http://www.torproject.org

How Tor Works (directory server)

How Tor Works

Encryption Keys in TOR Each relay has a long-term ``identity’’ public/private key pair used to sign TLS certificates (public keys signed by directory) Medium-term (one week) public/private ``onion’’ keys are used to decrypt requests to extend circuits – so first node can’t spoof the whole path. These keys are deleted so that if relay is compromised, old traffic can’t be decrypted. Short-term “connection” or “ephemeral” shared private keys are used to encrypt connections.

How Tor Works

Bridge Relays (a.k.a. Bridges) Some ISPs/governments block all traffic to relays that appear in the Tor directory. Bridges are relays that don’t appear in the directory. User has to solve the problem of finding a bridge.

Solve a Captcha to get Bridge Address

Growth of Tor Network

Growth of Tor Network

Spike in Number of Users

Possible Explanation for Spike Botnet “Mevade.A” a.k.a. “Sefnit” a.k.a. “SBC” is using Tor for connectivity http://blog.fox-it.com/2013/09/05/large-botnet-cause-of-recent-tor-network-overload/

Tor Exit Nodes See Plaintext! http://archive.wired.com/politics/security/news/2007/09/embassy_hacks?currentPage=all

Timing Attacks Attacker controls both an entry node and an exit node (or routers nearby) Attacker controls inter-packet delays or throughput as traffic enters an entry node Attacker looks for same pattern at exit node

Tor Browser

Tor Browser

Tor-Aware Web Servers Connect directly to Tor, do not advertise their network addresses.

Establishing a Hidden Service

Establishing a Hidden Service

Finding a Hidden Service

Contacting a Hidden Service

Contacting a Hidden Service

Communicating with a Hidden Service

Using Tor as a SOCKS5 Proxy Can tunnel any TCP connection through Tor (and DNS requests) First run the Tor browser, it will also act as a SOCKS5 proxy and accept connections Configure your application, e.g., chat, to use 127.0.0.1 as SOCKS5 proxy

Configure HexChat to use Proxy

Now Chatting through Tor

4