Hacklog Volume 1 Anonymity: it security & Ethical Hacking Handbook

part is followed by a popular web service: if you choose Amazon, for example

Download 2,32 Mb.

Pdf ko'rish

bet	19/57
Sana	01.01.2022
Hajmi	2,32 Mb.
	#289651

1 ... 15 16 17 18 19 20 21 22 ... 57

Bog'liq
Hacklog Volume 1 Anonymity IT Security Ethical Hacking Handbook

part is followed by a popular web service: if you choose Amazon, for example,
the ISP will think you are communicating with the world-famous e-commerce
(or with AWS cloud, more precisely), or Azure with Microsoft cloud and
Google... well, with Google services of course. As explained by TOR Project,
the meek-* based protocols are slower than the obfs-* ones and should be used
only when the ISP blocks the latter. If needed, you can follow the TOR Project
official guide; it explains how to configure your client to use this meek
[36]
. In
case of doubts, you can safely skip this protocol (or at least run some tests).
Currently, they seem to be the only solid alternative in the occurrence of
advanced censorship, like the late 2015 case in China; however, it is still an early
version and the situation may change in years.
ScrambleSuit
The ScrambleSuit project – as reported on the Github official page
[37]
– aims
to solve two problems:
•
Protect the user against monitoring attacks, requesting a “secret” shared by
client and server and leveraging an out-of-band communication via BridgeDB
(TOR bridge listing service).

•

Protect from analysis attacks, alternating the data flow. ScrambleSuit can
alter time and length of the package being communicated.
It was developed as an independent transport protocol from SOCKS
protocols, e.g. HTTP, SMTP, SSH and so on. All the above should better explain
how the Obfs4 protocol works as well, which is considered as faster and more
stable
[38]
, so we recommend to use ScrambleSuit only when Obfs4 is
unavailable. At the current stage, ScrambleSuit is no more under development.
The abandoned protocols also include SkypeMorph
[39]
, Dust
[40]
and FTE
[41]
.
You can find the complete relays and P.T. documentation on the Tor Project
official page
[42]
.
4.1.8 Testing the quality of TOR
In this part of the document, we will run some tests to check the TOR
Browser safety.
As for VPNs, on the Testers via Browser you will see some alerts related to
JavaScript, Apple-X, Cookies, WebRTC, Java... all these vulnerabilities will be
covered in a separate chapter, “Local Resources”

4.1.8.1 TOR Test via Browser
The reference site for your tests will be TorCheck
[43]
, powered by xenobite.
You can see the test results in Figures 18 and 19..
Figure 18: TorCheck without using TOR Browser
Figure 19: TorCheck using TOR Browser
From this page we get a report including different items and values. As you
can see on the top screen, the fields with a light green background represent a
good protection, the light red ones, instead, relate to issues to be fixed (please
note, in this example you will receive the “Your real IP” item as red, probably
due to a bug). Here’s the meaning of the items:

•
Your real IP: your actual IP address. If you can see this, your security may
be compromised.
•

Your current IP: here you can see the IP address shown to the site you are
viewing. If everything goes as planned, you will get a different IP than yours (it
will be the exit node one).
•
Your current FQDN: FQDN is the domain name specifying the DNS levels.
That identifier warns you that your IP address is still logged by your ISP during
the domain resolution.
•

Download 2,32 Mb.

Do'stlaringiz bilan baham:

1 ... 15 16 17 18 19 20 21 22 ... 57