Free Speech
Essay by kristincharity • February 20, 2012 • Essay • 2,875 Words (12 Pages) • 1,420 Views
KEERAT SHARMA
CSC-288; Fall 2009
TOR
An Onion Routing Network
Keerat Sharma * Term Paper * CSC-288
Contents
You aren't anonymous ... 2
On the network ... 2
And if we dig deeper ... 3
Tor ... 4
Establishing virtual circuits ... 4
Routing Onions ... 5
The benefits of using Tor ... 6
What you don't get when you use Tor ... 7
Why the world needs Tor ... 8
Bibliography ... 9
Keerat Sharma    CSC-288 Fall 2009
1
You aren't anonymous
Privacy [1]
1. the state of being private; retirement or seclusion.
2. the state of being free from intrusion or disturbance in one's private life or affairs: the right to privacy.
3. secrecy.
On the network
It is extremely difficult to remain anonymous on the internet. Consider that most Hypertext Transfer Protocol (HTTP)
servers log the Internet Protocol (IP) address of a requesting host, along with a plethora of metadata. Here is a real
world example that shows how much information is available to a typical web server.
A client makes a request to a server:
http://[example server].com/index.html
A default Apache2 installation would log the following (one log line, wrapped here for readability):
97.119.50.76 - - [01/Oct/2009:21:35:22 -0500] "GET /index.html HTTP/1.1" 200
810 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.3)
Gecko/20090824 Firefox/3.5.3"
Anyone with access to the server logs now has the requesting host's:
* IP address
* Timestamp at which they executed the request
* What they asked for
* The specific browser implementation and version that they used
* The operating system they were on
* The language that the host is configured to operate in
Using this knowledge, we can leverage some easily available public resources and identify more information.
Let's start with the IP address in the example above (97.119.50.76). We can run the IP against the whois database.
Here's a snippet of what we see:
$ whois 97.119.50.76
[Querying whois.arin.net]
[whois.arin.net]
OrgName: Qwest Communications Company, LLC
The server administrator can now identify that the requesting host was connected to the internet using Qwest Communications
as their Internet Service Provider (ISP).
[1] Definition acquired at http://dictionary.reference.com/browse/privacy
They can dig further though. Consider the commonly available information returned when you interrogate the domain name
system (DNS) with a reverse lookup:
$ nslookup
> 97.119.50.76
Server:    XXX.XXX.XXX.XXX
Address:   XXX.XXX.XXX.XXX#53
Non-authoritative answer:
XX.XX.XXX.XX.in-addr.arpa    name = 97-119-50-76.omah.qwest.net.
Clearly, the reverse record above hints that the host is part of the Qwest network, and the 'omah' segment of the
hostname looks interesting.
Publicly available databases that resolve IP addresses to geographic locations are freely available, and they perform
this service fairly well. According to the MaxMind GeoIP system, the above IP resolves to Omaha, Nebraska, which
correlates with the 'omah' segment in the host's DNS name.
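The following is an added example, not part of the original paper, showing in code exactly what a log reader recovers from the Apache line quoted above: it parses the combined log format into the fields listed (IP, timestamp, request, browser and version, operating system, language) and derives the in-addr.arpa name that the reverse DNS lookup in the nslookup session queries. The sample log line is constructed to match the paper's example; the user-agent parsing is a heuristic for Gecko-era strings and the helper names are this example's own.

```python
import re
import ipaddress
from datetime import datetime

# Constructed sample: the entry quoted in the paper, as a single log line.
SAMPLE_LOG_LINE = (
    '97.119.50.76 - - [01/Oct/2009:21:35:22 -0500] "GET /index.html HTTP/1.1" 200 '
    '810 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.3) '
    'Gecko/20090824 Firefox/3.5.3"'
)

# Apache "combined" format:
#   host ident user [time] "request" status bytes "referer" "user-agent"
COMBINED_RE = re.compile(
    r'^(?P<ip>\S+) (?P<ident>\S+) (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<size>\d+|-) '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)


def parse_user_agent(agent):
    """Heuristic extraction of OS, language and browser/version from a
    Gecko-era user-agent string: the parenthesised list carries platform
    details, and the final token is the product/version."""
    info = {"os": None, "language": None, "browser": None, "version": None}
    paren = re.search(r"\(([^)]*)\)", agent)
    if paren:
        for field in (f.strip() for f in paren.group(1).split(";")):
            if re.fullmatch(r"[a-z]{2}(-[A-Z]{2})?", field):
                info["language"] = field
            elif re.search(r"Mac OS X|Windows NT|Linux|Android|iPhone OS", field):
                info["os"] = field
    tail = agent.rsplit(" ", 1)[-1]  # e.g. "Firefox/3.5.3"
    if "/" in tail:
        info["browser"], info["version"] = tail.split("/", 1)
    return info


def parse_combined(line):
    """Split one Apache combined-format line into the fields a log reader sees."""
    m = COMBINED_RE.match(line)
    if not m:
        raise ValueError("not an Apache combined log line")
    d = m.groupdict()
    method, path, version = d["request"].split(" ", 2)
    return {
        "ip": d["ip"],
        # Apache timestamps look like 01/Oct/2009:21:35:22 -0500
        "timestamp": datetime.strptime(d["time"], "%d/%b/%Y:%H:%M:%S %z"),
        "method": method,
        "path": path,
        "http_version": version,
        "status": int(d["status"]),
        "bytes": None if d["size"] == "-" else int(d["size"]),
        "referer": None if d["referer"] == "-" else d["referer"],
        "agent": parse_user_agent(d["agent"]),
    }


def reverse_pointer_name(ip):
    """Name a resolver queries for the reverse (PTR) lookup of an address,
    e.g. 76.50.119.97.in-addr.arpa for 97.119.50.76. Raises ValueError on
    input that is not an IP address."""
    return ipaddress.ip_address(ip).reverse_pointer


if __name__ == "__main__":
    record = parse_combined(SAMPLE_LOG_LINE)
    for key, value in record.items():
        print(f"{key:>13}: {value}")
    print(f"PTR query name: {reverse_pointer_name(record['ip'])}")
```

The point for a defender is that every one of these fields is written by a default configuration; a server operator who does not need the user-agent or full address for operations can shorten retention or anonymise the IP before it ever reaches disk.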
And if we dig deeper
Network layer analysis isn't exclusive to the target server though. A very significant threat comes from compromised
or malicious routers along a connection's routing path, which can examine packet contents and traffic flow.
More sophisticated adversaries can examine packets as they enter networks over which they have some control. In
short, once a packet leaves a host, it can be subjected to a variety of analyses by intermediate parties before it reaches
the target server.
At the application layer, the analysis capabilities increase significantly. In an HTTP setting, servers
can set cookies that store information about the end user and are re-transmitted on each subsequent request by the
client. Many dynamic web applications also perform URL re-writing, where session related information is embedded
into the links on the page, allowing the server to maintain a session for the end user. Frequently this information
flows over non-encrypted channels.
Content served by an HTTP application can execute on the client side and transmit back information to the server.
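As an added example (not from the original paper), the check below makes the previous two paragraphs concrete from the defender's side: it flags links in which URL re-writing has placed a session identifier into a plain-http URL, and Set-Cookie headers whose cookie lacks the Secure attribute and so will be re-sent by the browser over unencrypted connections as well. The sample URLs and headers are constructed; the parameter-name list and function names are this example's own assumptions about what a session token is usually called.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed samples: links as a page might embed them after URL re-writing,
# and Set-Cookie headers as a server might send them.
SAMPLE_URLS = [
    "http://example.com/account;jsessionid=0F2A9C1D?tab=orders",
    "http://example.com/search?q=tor&PHPSESSID=9b1e",
    "https://example.com/login?sid=abc",
    "http://example.com/index.html",
]
SAMPLE_SET_COOKIE = [
    "SESSION=deadbeef; Path=/; HttpOnly",
    "SESSION=deadbeef; Path=/; Secure; HttpOnly",
    "lang=en-US; Path=/",
]

# Query-string names commonly used for session tokens (assumed list).
SESSION_PARAM_RE = re.compile(r"(?i)^(jsessionid|phpsessid|sessionid|session|sid|token)$")


def session_ids_in_url(url):
    """Names of session-like parameters that travel in the clear because the
    URL uses plain http. Handles both the servlet-style path parameter
    (;jsessionid=...) and ordinary query-string parameters."""
    parts = urlsplit(url)
    if parts.scheme != "http":
        return []  # https carries the token inside the encrypted channel
    found = []
    m = re.search(r";(jsessionid)=([^/?#]+)", parts.path, re.I)
    if m:
        found.append(m.group(1).lower())
    for name, _ in parse_qsl(parts.query, keep_blank_values=True):
        if SESSION_PARAM_RE.match(name):
            found.append(name.lower())
    return found


def insecure_cookies(set_cookie_headers):
    """Cookie names whose Set-Cookie header omits the Secure attribute; the
    browser will return these on http requests, not only https ones."""
    exposed = []
    for header in set_cookie_headers:
        attrs = [a.strip() for a in header.split(";")]
        name = attrs[0].split("=", 1)[0]
        if not any(a.lower() == "secure" for a in attrs[1:]):
            exposed.append(name)
    return exposed


def audit(urls, set_cookie_headers):
    """Summarise what an on-path observer could read from this traffic."""
    return {
        "urls_with_cleartext_session": {
            u: ids for u in urls if (ids := session_ids_in_url(u))
        },
        "cookies_without_secure": insecure_cookies(set_cookie_headers),
    }


if __name__ == "__main__":
    report = audit(SAMPLE_URLS, SAMPLE_SET_COOKIE)
    for url, ids in report["urls_with_cleartext_session"].items():
        print(f"cleartext session in URL: {url} -> {ids}")
    print(f"cookies without Secure: {report['cookies_without_secure']}")
```

Run against a crawl of your own application, this is the quickest way to find the session material the paper describes leaking; the fixes are the usual ones, serving the whole session over HTTPS and marking session cookies Secure (and HttpOnly) rather than rewriting tokens into links.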
...
...