Tor

From NetSec
Revision as of 00:14, 2 May 2012

Special thanks to Nachash for this lesson.

Tonight's talk is going to be about Tor: how it works, how to use it, common pitfalls, and places to go. There's a lot of almost superstitious nonsense about tor, both pro and con. Hopefully, this little talk will help dispel a good deal of that. You take a big chance using tor. Your privacy isn't assured in any way. Anonymity is, as long as you change up your habits. Don't use usernames, or if you do, use different ones, and change up your writing style. You basically have to pick up a different set of habits if you want any form of privacy.

How It Works

Tor originally stood for "The Onion Router". How this basically works is, your traffic gets wrapped in multiple layers of encryption. It passes from your box to the first node in the chain, where it gets decrypted once and passed to the next node. It then gets decrypted again and passed to the exit node. The exit node decrypts it the last time, and sends your traffic in the clear.
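To make the layering concrete, here is a small added simulation of the three-hop circuit just described. It is not code from the talk or from Tor itself: the cipher is a constructed XOR keystream (Tor uses real AES and TLS), and the node names and keys are made up. The point it shows is that each relay can strip exactly one layer and learns only the next hop, while only the exit node ends up holding the cleartext.

```python
import hashlib
import json

# Constructed toy cipher for illustration only, NOT Tor's real crypto:
# XOR with a SHA-256 counter keystream. Enough to show how layers nest.
def _keystream(key: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def xor_layer(key: bytes, data: bytes) -> bytes:
    # XOR is its own inverse: the same call adds or strips one layer.
    return bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))

def build_onion(payload: bytes, route: list) -> bytes:
    """route = [(node_name, node_key), ...] from entry node to exit node.
    Wrap from the exit inwards so the entry node's layer ends up outermost.
    Each layer names only the NEXT hop; no single node sees the whole path."""
    next_hops = [name for name, _ in route][1:] + ["destination"]
    cell = payload
    for (_, key), nxt in reversed(list(zip(route, next_hops))):
        inner = json.dumps({"next": nxt, "cell": cell.hex()}).encode()
        cell = xor_layer(key, inner)
    return cell

def peel_layer(key: bytes, cell: bytes):
    """All one relay can do: strip its own layer and read the next hop."""
    layer = json.loads(xor_layer(key, cell))
    return layer["next"], bytes.fromhex(layer["cell"])

def walk_circuit(onion: bytes, route: list):
    """Pass the cell hop by hop; return what each node learned and what the
    exit node finally forwards in the clear."""
    seen, cell = [], onion
    for name, key in route:
        nxt, cell = peel_layer(key, cell)
        seen.append((name, nxt))
    return seen, cell

# Constructed three-hop circuit (hypothetical names and keys) and a sample request
ROUTE = [("guard", b"guard-key"), ("middle", b"middle-key"), ("exit", b"exit-key")]
REQUEST = b"GET / HTTP/1.0\r\nHost: example.com\r\n\r\n"
```

Peeling the outer layer with the guard's key yields only the name of the middle node and an opaque blob; the request text surfaces only after the exit node strips the last layer.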

Tor bridges are basically unofficial entry points into the tor network. People in places like china have to use them in order to access tor because all of the official nodes are banned. AnonOps was making bridges left and right during the Middle East protests.

Common Pitfalls

The onion structure undoubtedly has issues. Such problems can be read in a comical form here: http://encyclopediadramatica.ch/The_Great_Em/b/assy_Security_Leak_of_2007

Without clicking links, exit node operators can sniff the traffic that passes through. Some operators do this and for this reason, you should assume tor traffic is being monitored and therefore, always use some form of end to end encryption.

If you're sshing into a box over tor, you've got end to end crypto covered.

Now, another thing you can do to help protect yourself somewhat is to exclude shitty nodes. A nice list of shitty nodes to exclude can be found here: http://pastebin.com/2t8tpeng. For linux users, add that line to your /etc/tor/torrc file and restart tor.

If you're running a tor service (it's very easy, just add one line to your tor config), you should be running it as a tor node for security reasons. Services not on a node are vulnerable to certain attacks.

Getting Tor and Extra Uses

For more practical stuff, most people are just going to grab the browser bundle off torproject.org. It's probably the easiest way. A nice little trick for those who have tor installed/running is to use it as a socks5 proxy. You set your proxy address to 127.0.0.1, and the port to 9050. Bam, instant socksified tor. For running command-line programs over tor, torify is recommended, which looks something like torify ssh [email protected].

Proxychains and Tor-Resolve

Proxychains and tor-resolve usually work better than torify, as torify leaks DNS. Proxychains adds a library to LD_PRELOAD, which basically wraps all DNS and connect calls into proxified ones; tor-resolve simply resolves a domain name to an IP using tor.

Also make note you can torify a whole box or shell session by adding "libproxychains.so.5" to /etc/ld.so.preload.
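The socks5-on-127.0.0.1:9050 trick and the DNS leak point above come together in one small added example (mine, not the talk's and not part of any Tor tool): a SOCKS5 CONNECT that hands Tor the hostname (address type 0x03) instead of an IP, so the name is resolved inside the tunnel and the system resolver is never asked. It assumes a local Tor listening on the default 127.0.0.1:9050.

```python
import socket
import struct

TOR_SOCKS = ("127.0.0.1", 9050)   # Tor's default SocksPort, as in the talk

def socks5_connect_request(host: str, port: int) -> bytes:
    """SOCKS5 CONNECT (RFC 1928) using address type 0x03 (domain name) so the
    proxy, i.e. Tor, does the DNS lookup. Resolving locally and sending an
    IPv4 address (type 0x01) instead is exactly the DNS leak the talk warns about."""
    name = host.encode("idna")
    if not 0 < len(name) < 256:
        raise ValueError("hostname length must fit in one byte")
    return b"\x05\x01\x00\x03" + bytes([len(name)]) + name + struct.pack("!H", port)

def parse_socks5_reply_header(hdr: bytes):
    """Split the fixed 4-byte reply header into (REP, ATYP); REP 0 = success."""
    if len(hdr) != 4 or hdr[0] != 5:
        raise ValueError("not a SOCKS5 reply header")
    return hdr[1], hdr[3]

def _recv_exact(s: socket.socket, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = s.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        buf += chunk
    return buf

def open_via_tor(host: str, port: int, proxy=TOR_SOCKS) -> socket.socket:
    """Return a TCP socket to host:port tunnelled through Tor. The system
    resolver is never consulted, so no DNS query escapes the tunnel."""
    s = socket.create_connection(proxy, timeout=60)
    s.sendall(b"\x05\x01\x00")                       # greeting: offer NO AUTH only
    if _recv_exact(s, 2) != b"\x05\x00":
        s.close()
        raise ConnectionError("Tor did not accept the no-auth method")
    s.sendall(socks5_connect_request(host, port))
    rep, atyp = parse_socks5_reply_header(_recv_exact(s, 4))
    if rep != 0:
        s.close()
        raise ConnectionError("SOCKS5 CONNECT failed, REP=0x%02x" % rep)
    # Drain BND.ADDR + BND.PORT so the application stream starts clean.
    addr_len = {1: 4, 4: 16}.get(atyp) or _recv_exact(s, 1)[0]
    _recv_exact(s, addr_len + 2)
    return s
```

With tor running, `open_via_tor("check.torproject.org", 80)` returns a socket you can write a plain HTTP request to, and the response arrives from the exit node just as described in the "How It Works" section.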

Hidden services

When connecting to "normal" websites, the connection looks roughly like this:

You > tor node 1 > tor node 2 > exit node > internet

Hidden services look like this:

you > arbitrary # nodes > rendezvous < arbitrary # nodes < hs box

Hidden services are also very slow, but ssl is basically moot. So literally, 7 proxies, and sometimes more than 7 proxies.

There was an article in 2600 a couple of years back about using the control port to change the length of tor circuits, and other things. That article was republished for free here: http://thesprawl.org/memdump/?entry=8 for those who are interested.

Hidden services are fairly badass. One of the pitfalls with them is a correlation attack. If someone controls enough nodes, they can send enough traffic to the hidden service to find its location. The best way to help prevent this is to make your hidden service a tor node as well. Then it passes non-hs traffic and stays anonymous.
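Pulling together the torrc advice from the Common Pitfalls section (exclude bad nodes, run your hidden service on a node) and the paragraph above, here is an added example torrc fragment. It is not the pastebin list from the talk and not Tor project documentation; the fingerprints, nickname and local port are placeholders to be replaced with your own.

```text
## Added example /etc/tor/torrc fragment (placeholders, not real relay fingerprints)

# Skip relays you distrust. Entries are $-prefixed 40-hex-char fingerprints,
# nicknames, or {cc} country codes. The list from the talk goes on this line.
ExcludeNodes $PLACEHOLDER_FINGERPRINT_1,$PLACEHOLDER_FINGERPRINT_2,{xx}
# Without StrictNodes, Tor may still fall back to an excluded relay when it
# has no other choice. With it, it fails closed instead of silently using one.
StrictNodes 1

# Run as a (non-exit) relay, so hidden-service traffic is mixed in with
# traffic relayed for other people; this is the correlation mitigation above.
ORPort 9001
Nickname PlaceholderNick
ExitPolicy reject *:*

# The hidden service itself: virtual port 80 maps to a local web server.
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:8080
```

After editing, restart tor; the .onion hostname for the service is written into the HiddenServiceDir.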

About hidden services, they use .onion as a pseudo-tld. Example: the hidden wiki is here: http://kpvz7ki2v5agwt35.onion/wiki/index.php/Main_Page. .onion is a way of describing a hidden service without giving away its location. The string before the .onion is actually a key fingerprint. This ensures a few different things: the service can't be found, and it has the private key you expect it to have (it's what it claims to be).

The Silk Road

One of the more well known .onions is The Silk Road. For those who missed out, it's a venue for buying and selling drugs. Also, the gawker article on Silk Road: http://gawker.com/5805928/the-underground-website-where-you-can-buy-any-drug-imaginable. You can buy drugs with bitcoins now. Welcome to the future.

Conclusion

Remember when I said you don't really have privacy, but you have anonymity? That holds as long as you're careful about what info you disclose. However, if you're buying goods you at least have to disclose your address. A lot of vendors on SR have PGP keys for this reason. This is not the biggest problem. While sellers are pretty much in the clear, assuming tor or SR itself aren't compromised, buyers are vulnerable to stings. Either from sloppy sellers getting busted (maybe they weren't so careful about erasing/storing your address) or from stings where the seller is a fed/informant.
