Google
 
   
Login
Username:

Password:


Lost Password?

Register now!
Search

Advanced Search
Main Menu
top books
Polls
What do you think about php-deluxe.net?
Excellent!
Cool
Hmm..not bad
What the hell is this?
encyclopedia
HansaWorld
/dev/zero
Society for Worldwide...
Arbitrary code
Cat (Unix)
Categorization
HardOCP
recommendation
Freenet DSL
Who's Online
9 user(s) are online (7 user(s) are browsing encyclopedia)

Members: 0
Guests: 9

more...
browser tip
recommendation!
Sponsored
partner

Tor (anonymity network)

Tor is an implementation of second-generation onion routing - an anonymity system enabling its users to communicate Anonymity on the Internet. Originally sponsored by the US Naval Research Laboratory, Tor became an Electronic Frontier Foundation project in late 2004. As of late 2005, the EFF no longer sponsors the Tor project; they do however continue to host the [http://tor.eff.org/ Tor web site].

= Overview =

Tor aims to protect its users against Traffic analysis attacks. Tor operates an overlay network of onion routers that enables two things: anonymous outgoing connections and anonymous hidden services.

= Anonymous outgoing connections =

Users of the Tor network run an onion proxy on their machine. This software connects out to Tor, periodically negotiating a virtual circuit through the Tor network. Tor employs cryptography in a layered manner (hence the onion analogy), ensuring perfect forward secracy between routers. At the same time, the onion proxy software presents a SOCKS interface to its clients. SOCKS-aware applications may be pointed at Tor, which then multiplexes the traffic through a Tor virtual circuit.

Once inside the Tor network, the traffic is sent from router to router, ultimately reaching an exit node at which point the cleartext data is available and is forwarded on to its original destination. Viewed from the destination, the traffic appears to originate at the Tor exit node.

Tor s application independence separates it apart from most other anonymity networks: it works at the TCP stream level. Applications commonly anonymised using Tor include IRC, instant messaging and browsing the World Wide Web. When browsing the Web, Tor is often coupled with Privoxy - a filtering proxy server - that aims to add privacy at the application layer.

== Etiquette and abuse ==

Because Tor is capable of anonymising arbitrary TCP traffic, it attracts its fair share of abuse. Routers maintain an exit policy of what traffic is and is not permitted to leave the Tor network through that node. Using a combination of addresses and ports, it is possible to combat most major abuses of the Tor network. Potential abuses include:

;P2P : Legalities aside, it is considered impolite to transfer massive amounts of data across the Tor network - the onion routers are run by volunteers using their own bandwidth at their own cost. ;E-mail : Anonymity and SMTP usually results in SPAM. Consequently the default exit policy of Tor nodes rejects outgoing connections to port 25. ;Vandalism : Safe in the knowledge that they cannot be traced, users are occasionally tempted to vandalise collaborative web sites. As a result, many sites - [http://archives.seul.org/or/talk/Sep-2005/msg00233.html Wikipedia included] - take the decision to block Tor traffic.

= Anonymous hidden services =

Although Tor s most popular feature is its provision of anonymity to clients, it can also provide anonymity to servers. By using the Tor network, it is possible to host servers in such a way that their network location is unknown. In order to access a hidden service, Tor must also be used by the client.

Hidden services are accessed through the Tor-specific .onion top level domain. The Tor network understands this TLD and routes, anonymously, to the hidden service. The hidden service then hands over to standard server software, which should be configured to listen only on non-public interfaces. Services that are reachable through Tor hidden services and the public Internet are susceptible to correlation attacks, and consequently are not really hidden.

An added advantage of Tor hidden services is that, because no public IP address is required, services may be hosted behind Firewall (networking)s and NAT.

=See also=

*Java Anon Proxy - Java Anon Proxy *Mixmaster anonymous remailer - Mixmaster anonymous remailer *Mixminion - Mixminion anonymous remailer

  • toward anonymous proxies

    • =External links=

    *[http://tor.eff.org/ Tor homepage] *[http://wiki.noreply.org/noreply/TheOnionRouter Tor wiki with FAQs & HOWTOs] **[http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#Comparison Comparison of Tor with other anonymity networks] *[http://tor.freehaven.net/cvs/doc/design-paper/tor-design.html Tor design document] *[http://www.noreply.org/tor-running-routers/ Tor network statistics] *[http://www.i2p.net/how_networkcomparisons I2P s comparison of anonymity networks] *[http://6sxoyfb3h2nvok2d.onion/tor/ Hidden Tor Wiki] (Tor required)

    =Further reading=

    *[http://freehaven.net/anonbib/ Anonymity Bibliography]
  • Applied Cryptography , Bruce Schneier (ISBN 0471117099)
  • Email Security , Bruce Schneier (ISBN 047105318X)
  • Computer Privacy Handbook , Andre Bacard (ISBN 1566091713)
    		•