Hacklog Volume 1 Anonymity: it security & Ethical Hacking Handbook

Download 2,32 Mb.

Pdf ko'rish

bet	18/57
Sana	01.01.2022
Hajmi	2,32 Mb.
	#289651

1 ... 14 15 16 17 18 19 20 21 ... 57

Bog'liq
Hacklog Volume 1 Anonymity IT Security Ethical Hacking Handbook

top left green onion icon).
4.1.6.1 Bridges advanced use
If you wish to manually set your bridges, (e.g. to use Tor Expert Bundle,
TOR-based Linux distros like Tails or TOR Browser through advanced
configuration), you must firstly visit the Bridge page of Torproject
(https://bridges.torproject.org/bridges), skip to step 2, complete the (impossible)
captcha on top and then obtain a value like the following (*** have been added):
92.***.0.174:9001 65B2F8E594190A3************59B0E32FC45720
194.***.208.26:27049 47063AFD4CB**********F16D6FE8DC68E6942DD6
107.191**.23:443 225A895211B179FDE2E8F8E3************ECC0B0
You can launch TOR Browser and pass the newly obtained bridges (Figure
16 only).
Figure 16: entering bridges on TOR
4.1.7 Pluggable Transports
Keep in mind, however, that bridges may be blacklisted as well, since
everyone can access them, censors included. In order to bypass that check, TOR
developers introduced a new feature, known as pluggable transports. PTs turn
the TOR traffic flow into “clean” traffic between client and bridge that may
otherwise be intercepted by the ISP with the Deep Packet Inspection (DPI)
technique, classifying the IP traffic flows and, once the pattern is compared,

blocking them upstream.
At the moment, PT technology is under active development and requires
operators and developers, in order to be efficiently integrated with the TOR
Project. Learn more by visiting the official web page
[33]
. The currently most
common PTs are defined as obfuscated bridges, since they obfuscate traffic in
order to make it hardly interpretable by ISPs. The underlying technology
leverages algorithms, identified by protocols, that mix the inbound and outbound
packets. There are three protocols of this kind: obfs2, obfs3 e obfs4.
Obfs2 (version 2, also known as “Twobfuscator”) is the simplest one: the
underlying technology allows to fetch inbound and outbound traffic data and
resort them randomly. As shown by recent studies, this protocol can be cracked
by intercepting the initial handshake (just like what happens with WEP security
of WiFi networks), thus revealing the enclosed information. As a deprecated
version, it’s out of development and unsupported by TOR.
Obfs3 (“Threebfuscator”) is quite similar to the previous protocol; however,
it uses Diffie Hellman for keys swap during the handshake (we will explain this
topic in “Encryption”).
Obfs4 is the fourth version of the protocol, although “it is closer to
ScrambleSuite than obfs2/obfs3”, as its developer said. The latest version is
seemingly the safest one, and is currently available in Tor Browser by default.
You can learn more about the protocol on the official Github page
[34]
. The Tor
Project official page also includes an Obfs4 list
[35]
.

4.1.7.1 MEEK & Scramblesuit Protocols
TOR can communicate with many other protocols, besides the Obfs family*
(Figure 17).
Figure 17: bridges selection on TOR
Meek-*
The protocols of the meek-* family have been created in 2014 to allow
tunneling in a HTTPS circuit. Furthermore, a technique known as “domain
fronting” hides TOR bridge communications to ISPs. As you can see, the meek-

Download 2,32 Mb.

Do'stlaringiz bilan baham:

1 ... 14 15 16 17 18 19 20 21 ... 57