System administration. Cloud solutions. Information security. Business & entrepreneurship
For those of you who are not familiar with TOR, let me take a moment to explain what is it all about. TOR or ‘The Onion Network’ is a software bundle for enabling anonymous communication. Tor directs Internet traffic through a worldwide, volunteer network consisting of several thousand relays to hide user’s location and usage from anyone conducting network surveillance or traffic analysis. Tor tries to make it very hard to track your online activity back to you, but NOT IMPOSSIBLE!
Tor encrypts the data, including the destination IP address, multiple times and sends it through a virtual circuit or randomly selected Tor relays. Each relay then doest its job by decrypting one layer of encryption. Each relay reveals information that helps it identify the next relay in the circuit in order to pass the remaining encrypted data on to it. The final relay decrypts the innermost layer and sends the original data to its intended destination without even knowing, and that means — without a possibility of revealing it — the source IP address.
So, in theory, the network is pretty much secure and anonymous. But, as you may heard during last weeks, many TOR relay servers have been compromised; and moreover there are techniques, including, but not limited to statistical traffic analysis and social enginery that can be used to compromise TOR user. These news seem to compromise the whole idea of using TOR for anonymity, but actually most of these risks can be avoided if you follow simple rules and hold to common sense all the time. In this course we will go through the steps you can follow to minimize the risks of being deanonymized while setting up and running your hidden website or web service. You will never get 100% guarantee, but at least you’ll be aware of the problem and will know what to do not to expose yourself at once.
So, as you may have guessed, TOR can also provide anonymity to websites and other servers. Servers that are configured to communicate with visitors only via Tor network are called “hidden”. These servers don’t reveal a server’s IP address and its network location, because a hidden server is accessed through its onion address that ends in dot-onion, and is accessible only usually via the Tor Browser. Thus the Tor network preserves the anonymity of both the server itself and the visitor of such website or web service. Note, that hidden services do not use exit nodes, that means that connection to a hidden service is encrypted end-to-end.
Darknets are overlay networks which use the public Internet, but which require specific software, or configurations, or authorization to access. The darknets which constitute the dark web include small, friend-to-friend peer-to-peer networks, as well as large, popular networks like Tor, operated by public organizations and individuals.
So, in general, darknet websites are two things: they operate on encrypted networks which are not generally reachable, and they are hidden from search engines and are not indexed in any way, being found through darknet catalogues or special forums, etc.