Free Speech
KEERAT SHARMA
CSC-288; Fall 2009
T O R
An Onion Routing Network
Keerat Sharma * Term Paper * CSC-288
Contents
You aren't anonymous
On the network
And if we dig deeper
Tor
Establishing virtual circuits
Routing Onions
The benefits of using Tor
What you don't get when you use Tor
Why the world needs Tor
Bibliography
You aren't anonymous
Privacy¹
1. the state of being private; retirement or seclusion.
2. the state of being free from intrusion or disturbance in one's private life or affairs: the right to privacy.
3. secrecy.
On the network
It is extremely difficult to remain anonymous on the internet. Consider that most Hypertext Transfer Protocol (HTTP)
servers log the Internet Protocol (IP) address of a requesting host, along with a plethora of metadata. Here's a
real-world example to show how much information is available to a typical web server.
A client makes a request to a server:
A default installation of an Apache2 server would log the following:
Gecko/20090824 Firefox/3.5.3"
Anyone with access to the server logs now has the requesting host's:
* IP Address
* Timestamp at which point they executed a request
* What they asked for
* The specific browser implementation and version that they used
* The operating system they were on
* The language that the host is configured to operate on
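What one such entry gives away can be shown by parsing it. The following is an added example, not part of the original paper; it assumes Apache's combined log format, and the sample entry (documentation IP address, path, timestamp and the platform part of the User-Agent) is constructed.

```python
import re
from datetime import datetime

# Apache "combined" LogFormat: %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"
COMBINED = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<size>\S+) '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

# Constructed sample entry (documentation IP, invented path and timestamp).
SAMPLE = ('203.0.113.7 - - [12/Oct/2009:14:03:21 -0500] "GET /index.html HTTP/1.1" '
          '200 2326 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.3) '
          'Gecko/20090824 Firefox/3.5.3"')


def disclosed_by(line):
    """Return what one combined-format log entry reveals about the client."""
    m = COMBINED.match(line)
    if m is None:
        raise ValueError("not a combined-format log line")
    agent = m.group("agent")
    # The parenthesised part of a Mozilla-style User-Agent holds platform
    # tokens separated by ";", e.g. (X11; U; Linux i686; en-US; rv:1.9.1.3).
    paren = re.search(r"\(([^)]*)\)", agent)
    tokens = [t.strip() for t in paren.group(1).split(";")] if paren else []
    locale = next((t for t in tokens
                   if re.fullmatch(r"[a-z]{2}(-[A-Z]{2})?", t)), None)
    os_name = next((t for t in tokens
                    if re.match(r"(Linux|Windows|Intel Mac|PPC Mac)", t)), None)
    browser = re.search(r"(Firefox|Chrome|Opera|Safari)/([\d.]+)", agent)
    return {
        "ip": m.group("ip"),
        "timestamp": datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z"),
        "request": m.group("request"),
        "browser": browser.group(0) if browser else None,
        "os": os_name,
        "language": locale,
    }


if __name__ == "__main__":
    for field, value in disclosed_by(SAMPLE).items():
        print(f"{field:10} {value}")
```

The six keys returned correspond one-to-one to the six items in the list above.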
Using this knowledge, we can leverage some easily available public resources and identify some more information.
Let's leverage the IP address in the example above (97.119.50.76). We can run the IP against the whois database.
Here's a snippet of what we see:
$ whois 97.119.50.76
[Querying whois.arin.net]
[whois.arin.net]
OrgName: Qwest Communications Company, LLC
The server administrator can now identify that the requesting host was connected to the internet using Qwest Communications
as their Internet Service Provider (ISP).
1 Definition acquired at
They can dig more though. Consider this commonly available information when you interrogate domain name servers
(DNS):
$ nslookup
> 97.119.50.76
Server:         XXX.XXX.XXX.XXX
Address:        XXX.XXX.XXX.XXX#53
Non-authoritative answer:
XX.XX.XXX.XX.in-addr.arpa       name = 97-119-50-76.omah.qwest.net.
Clearly, there's a hint in the above that the host resides on the Qwest network, and there's an omah segment
that seems interesting.
Publicly available databases that resolve IP address to geographic locations are freely available, and perform this
service pretty well. According to the MaxMind GeoIP system, the above IP resolves to Omaha, Nebraska, which correlates
with the DNS registration of the host.
And if we dig deeper
Network-layer analysis isn't exclusive to the target server, though. A very significant threat comes from compromised
or malicious routers along the routing path for a connection, which allow examination of packet data and flow.
More sophisticated adversaries can examine packets as they enter networks that they have some control over. In
short, once a packet leaves a host, it can be subject to a variety of analysis by intermediate parties before it reaches the
target server.
On an application-specific basis, the volume of analysis capabilities increases significantly. In an HTTP setting, servers
can set cookies to store information about the end user that will be re-transmitted on each subsequent request by the
client. Many dynamic web applications can also perform URL re-writing, where session related information is embedded
into the links on the page, allowing the server to maintain a session for the end user. Frequently this information
flows over non-encrypted channels.
Content served by an HTTP application can execute on the client side and transmit back information to the server.

Cite this page

Address Of A Requesting Host And Malicious Routers. (June 11, 2021). Retrieved from https://www.freeessays.education/address-of-a-requesting-host-and-malicious-routers-essay/