Tor Bruce Maggs relying on materials from

Slides:



Advertisements
Similar presentations
Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
Advertisements

SSH SSH is “Secure SHell” Secure, compressed, widely supported, fast Allows both users to get jobs done, and also allows system administrators to sleep.
Tor: The Second-Generation Onion Router
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
Security Firewall Firewall design principle. Firewall Characteristics.
King of Limitations Present by: Ao-Jan Su. Accuracy? Accuracy depends on the distance of end hosts and their authoritative name servers. Not true for.
A Security Pattern for a Virtual Private Network Ajoy Kumar and Eduardo B. Fernandez Dept. of Computer Science and Eng. Florida Atlantic University Boca.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &
Lesson 17 – UNDERSTANDING OTHER NETWARE SERVICES.
By: Bryan Carey Randy Cook Richard Jost TOR: ANONYMOUS BROWSING.
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Topics 1.Security options and settings 2.Layer 2 vs. Layer 3 connection types 3.Advanced network and routing options 4.Local connections 5.Offline mode.
Tor61. R2 Open Opened Created Create Relay (Extend) Relay (Extended) Create Created Time P P P P.
Firewalls and VPNS Team 9 Keith Elliot David Snyder Matthew While.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Anonymity on the Web: A Brief Overview By: Nipun Arora uni-na2271.
Anonymizing Network Technologies Some slides modified from Dingledine, Mathewson, Syverson, Xinwen Fu, and Yinglin Sun Presenter: Chris Zachor 03/23/2011.
The Anonymous File Transfer Network
Aaron Johnson U.S. Naval Research Laboratory CSci 6545 George Washington University 11/18/2013.
Tor (Anonymity Network) Scott Pardue. Tor Network  Nodes with routers within the network (entry, middle, exit)  Directory servers  Socket Secure (SOCKS)
Certificates ID on the Internet. SSL In the early days of the internet content was simply sent unencrypted. It was mostly academic traffic, and no one.
Firewalls CS158B Don Tran. What is a Firewall? A firewall can be a program or a device that controls access to a network.
Middleboxes & Network Appliances EE122 TAs Past and Present.
Sofya Rozenblat 11/26/2012 CS 105 TOR ANONYMITY NETWORK.
Privacy-Preserving P2P Data Sharing with OneSwarm -Piggy.
OpenVPN OpenVPN: an open source, cross platform client/server, PKI based VPN.
Secure Socket Layer (SSL)
Anonymous routing and mix nets (Tor) Yongdae Kim Significant fraction of these slides are borrowed from CS155 at Stanford 1.
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.
1 Lies, damn lies and Web statistics A brief introduction to using and abusing web statistics Paul Smith, ILRT July 2006.
CHAPTER 3 PLANNING INTERNET CONNECTIVITY. D ETERMINING INTERNET CONNECTIVITY REQUIREMENTS Factors to be considered in internet access strategy: Sufficient.
XMPP Concrete Implementation Updates: 1. Why XMPP 2 »XMPP protocol provides capabilities that allows realization of the NHIN Direct. Simple – Built on.
1 Chapter 7: NAT in Internet and Intranet Designs Designs That Include NAT Essential NAT Design Concepts Data Protection in NAT Designs NAT Design Optimization.
Cullen Jennings Certificate Directory for SIP.
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
Tunneling and Securing TCP Services Nathan Green.
IPv6 transition strategies IPv6 forum OSAKA 12/19/2000 1/29.
TCP/IP Model & How it Relates to Browsing the Internet Anonymously BY: HELEN LIN.
MIS Week 13 Site:
Overview  Anonymity systems  Review of how Tor works  Tor Project Inc.  Helper tools and accessories  Advanced Tor control  Attack Vectors.
The Silk Road: An Online Marketplace
Supplemental Information on TOR (The Onion Router) CEH ed 8, Rev 4 CS3695 – Network Vulnerability Assessment & Risk Mitigation–
Family Connection Collaborative Webs A Tool for Creating and Managing Web sites.
Traffic Correlation in Tor Source and Destination Prediction PETER BYERLEY RINDAL SULTAN ALANAZI HAFED ALGHAMDI.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Quiz 2 Post-Mortem Bruce Maggs. 2 Create a new BitCoin address, and use it only once. E.g., create a new wallet. Create a new address and mine a BitCoin.
ROGER DINGLEDINE, NICK MATHEWSON, PAUL SYVERSON THE FREE HAVEN PROJECT &NAVAL RESEARCH LAB PRESENTED BY: COREY WHITE Tor: The Second-Generation Onion Router.
SSH. 2 SSH – Secure Shell SSH is a cryptographic protocol – Implemented in software originally for remote login applications – One most popular software.
05/03/2011Pomcor 1 Meeting the Privacy Goals of NSTIC in the Short Term Presentation at the 2011 Internet Identity Workshop Francisco Corella and Karen.
Can SSL and TOR be intercepted? Secure Socket Layer.
1 CNLab/University of Ulsan Chapter 19 Firewalls  Packet Filtering Firewall  Application Gateway Firewall  Firewall Architecture.
Lecture 10 Page 1 CS 236 Online SSL and TLS SSL – Secure Socket Layer TLS – Transport Layer Security The common standards for securing network applications.
Tor Bruce Maggs relying on materials from
Contents Software components All users in one location:
Lecture 5 Blocking practices
Intro to Ethical Hacking
Tor Internals and Hidden Services
Digital Forensics 2 Presented by : J.Silaa Lecture: FCI 30 Aug 2017
Intro to Ethical Hacking
Exercise ?: TOR.
0x1A Great Papers in Computer Security
SSH SSH is “Secure SHell” Secure, compressed, widely supported, fast
Alex Guy packets (stars) tor routers users web servers (squares)
Firewalls Jiang Long Spring 2002.
Install AD Certificate Services
Bruce Maggs relying on materials from
Bruce Maggs relying on materials from
Bruce Maggs relying on materials from
Presentation transcript:

Tor Bruce Maggs relying on materials from

2

How Tor Works 3

4

Tor Cryptography Each router maintains a TLS connection to every other node Each router has a long-term ``identity’’ public/private key pair used to sign TLS certificates Short term ``onion’’ keys are used to set up circuits, negotiate private keys 5

6

How Tor Works 7

Bridge Relays (a.k.a. Bridges) Some ISPs/governments block all traffic to relays that appear in the Tor directory. Bridges are relays that don’t appear in the directory. User has to solve the problem of finding a bridge. 8

Solve a Captcha to get Bridge Address 9

10

Growth of Tor Network 11

Growth of Tor Network 12

Spike in Number of Users 13

Possible Explanation for Spike Botnet “Mevade.A” a.k.a. “Sefnit” a.k.a. “SBC” is using Tor for connectivity botnet-cause-of-recent-tor-network- overload/ 14

15

Tor Exit Nodes See Plaintext! 16

Tor Browser 17

Tor Browser 18

19

Tor-Aware Web Servers 20 Connect directly to Tor, do not advertise their network addresses.

Using Tor as a SOCKS5 Proxy Can tunnel any TCP connection through Tor (and DNS requests) First run the Tor browser, it will also act as a SOCKS5 proxy and accept connections Configure your application, e.g., chat, to use as SOCKS5 proxy 21

Configure HexChat to use Proxy 22

Now Chatting through Tor 23

4 24