tor: the second-generation onion routersep 27 12:09:23.258 [warn] fetch_from_buf_socks(): your...
TRANSCRIPT
![Page 1: Tor: The Second-Generation Onion RouterSep 27 12:09:23.258 [warn] fetch_from_buf_socks(): Your application (using socks5 on port 80) is giving Tor only an IP address. Applications](https://reader033.vdocument.in/reader033/viewer/2022042312/5edbd80ead6a402d66664160/html5/thumbnails/1.jpg)
Tor: The Second-GenerationOnion Router
Roger Dingledine, Nick Mathewson, Paul Syverson
Tor
Daniel Medina
29 September 2004
![Page 2: Tor: The Second-Generation Onion RouterSep 27 12:09:23.258 [warn] fetch_from_buf_socks(): Your application (using socks5 on port 80) is giving Tor only an IP address. Applications](https://reader033.vdocument.in/reader033/viewer/2022042312/5edbd80ead6a402d66664160/html5/thumbnails/2.jpg)
Tor: Tor’s Onion Routing
Roger Dingledine, Nick Mathewson, Paul Syverson
Usenix Security 2004, Defcon 2004
Tor
![Page 3: Tor: The Second-Generation Onion RouterSep 27 12:09:23.258 [warn] fetch_from_buf_socks(): Your application (using socks5 on port 80) is giving Tor only an IP address. Applications](https://reader033.vdocument.in/reader033/viewer/2022042312/5edbd80ead6a402d66664160/html5/thumbnails/3.jpg)
Overview
Threats
Counter-measures
Demo
Discussion
Tor
![Page 4: Tor: The Second-Generation Onion RouterSep 27 12:09:23.258 [warn] fetch_from_buf_socks(): Your application (using socks5 on port 80) is giving Tor only an IP address. Applications](https://reader033.vdocument.in/reader033/viewer/2022042312/5edbd80ead6a402d66664160/html5/thumbnails/4.jpg)
Threat(s)
No Anonymity
Anonymous Tipsters
Personal Communication
Government Agencies
Tor
![Page 5: Tor: The Second-Generation Onion RouterSep 27 12:09:23.258 [warn] fetch_from_buf_socks(): Your application (using socks5 on port 80) is giving Tor only an IP address. Applications](https://reader033.vdocument.in/reader033/viewer/2022042312/5edbd80ead6a402d66664160/html5/thumbnails/5.jpg)
Threat(s)
Tor
Just in case you didn’t believe me aboutthe “Government Agencies” part
http://www.onion-router.net/Sponsors.html
![Page 6: Tor: The Second-Generation Onion RouterSep 27 12:09:23.258 [warn] fetch_from_buf_socks(): Your application (using socks5 on port 80) is giving Tor only an IP address. Applications](https://reader033.vdocument.in/reader033/viewer/2022042312/5edbd80ead6a402d66664160/html5/thumbnails/6.jpg)
Threat(s)
Attackers
Network Service Provider
Content Providers
Government Agencies
Tor
![Page 7: Tor: The Second-Generation Onion RouterSep 27 12:09:23.258 [warn] fetch_from_buf_socks(): Your application (using socks5 on port 80) is giving Tor only an IP address. Applications](https://reader033.vdocument.in/reader033/viewer/2022042312/5edbd80ead6a402d66664160/html5/thumbnails/7.jpg)
Counter-measures
Tor
A “mix”; which is the real message?
Some background…
Images from slides by Dingledine
Layers (hence, “onion”), ofencryption, per-hop
Anonymizing path (not data)Use Privoxy for data protection
![Page 8: Tor: The Second-Generation Onion RouterSep 27 12:09:23.258 [warn] fetch_from_buf_socks(): Your application (using socks5 on port 80) is giving Tor only an IP address. Applications](https://reader033.vdocument.in/reader033/viewer/2022042312/5edbd80ead6a402d66664160/html5/thumbnails/8.jpg)
Counter-measures
Tor
Client initiates connection, and establishes session keys, builds path
Protect volunteer routers bybuilding in bandwidth controls
![Page 9: Tor: The Second-Generation Onion RouterSep 27 12:09:23.258 [warn] fetch_from_buf_socks(): Your application (using socks5 on port 80) is giving Tor only an IP address. Applications](https://reader033.vdocument.in/reader033/viewer/2022042312/5edbd80ead6a402d66664160/html5/thumbnails/9.jpg)
Demo
http://freehaven.net/tor
Tor
# after “./configure && make && sudo make install”, on Mac OS Xdyn-wireless-244-195:/ medina$ /usr/local/bin/torSep 27 12:09:18.858 [notice] tor_init(): Tor v0.0.8. This is experimental software.
Do not use it if you need anonymity.Sep 27 12:09:18.860 [notice] Configuration file '/usr/local/etc/tor/torrc' not present,
using reasonable defaults.Sep 27 12:09:21.620 [notice] circuit_send_next_onion_skin(): Tor has successfully opened a circuit. Looks like it's working.Sep 27 12:09:23.258 [warn] fetch_from_buf_socks(): Your application (using socks5 on port 80) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead.
![Page 10: Tor: The Second-Generation Onion RouterSep 27 12:09:23.258 [warn] fetch_from_buf_socks(): Your application (using socks5 on port 80) is giving Tor only an IP address. Applications](https://reader033.vdocument.in/reader033/viewer/2022042312/5edbd80ead6a402d66664160/html5/thumbnails/10.jpg)
Demo
Tor
![Page 11: Tor: The Second-Generation Onion RouterSep 27 12:09:23.258 [warn] fetch_from_buf_socks(): Your application (using socks5 on port 80) is giving Tor only an IP address. Applications](https://reader033.vdocument.in/reader033/viewer/2022042312/5edbd80ead6a402d66664160/html5/thumbnails/11.jpg)
Demo
Tor
Verifyhttp://junkbusters.com/cgi-bin/privacy
Remote host: one of the proxies
User-Agent, other client info leaked
![Page 12: Tor: The Second-Generation Onion RouterSep 27 12:09:23.258 [warn] fetch_from_buf_socks(): Your application (using socks5 on port 80) is giving Tor only an IP address. Applications](https://reader033.vdocument.in/reader033/viewer/2022042312/5edbd80ead6a402d66664160/html5/thumbnails/12.jpg)
Discussion
Tor