Darkweb, Darknet and Tor.

Dawelio

Dawelio

Active member
Hey guys,

So I have no idea if this is allowed to talk about on these forums, so if they aren't, please delete this thread.

I've recently seen quite a lot of articles on Swedish news sites regarding this, Dark web, Darknet and a web browser called Tor, in order to access them.

I've never been so much into software stuff and security. Althought it's something that really interests me, specially the latter.
I'm not the best at security for PCs, in face I'm probably the worst ever lol... Hence why this is even more interesting to read about etc.

Now I'd thought it would be a quite interesting and fun to see if/what anyone knows about this?... I bet Tom knows how it works etc, will all of the knowledge in his PC guru brain :p

What I don't get though... What is the difference between Tor and for example Chrome and Firefox?. And the "real" internet vs Darknet/Darkweb?.

How is Tor and this so called "Darkweb/Darknet" more "secure" than for example Chrome etc?...

Again, if this is not allowed, inappropriate to talk about it any way... Please do delete this thread.

Regards,
Chrazey
 
You are mixing things up a bit. Tor is a network of hosts that allow traffic to flow through them, the last host in the chain being an exit node. Tor is basically a way to anonymize (not unbreakable) your traffic by routing it through a number of nodes. Your IP address to a web site through Tor would be that of the exit node - some other guy anywhere in the world. Be careful though: should you run an exit node yourself, others would be browsing "using" your IP address. I suggest you visit torproject.org for more information.

Darkweb is a subset of deepnet (sites not indexed by search engines etc.) and it requires some special software or way to access. E.g. some darkweb sites could allow themselves to be only reached via Tor exit nodes, i.e. by using Tor.
 
Hey Chrazey,

I can shed some light on this, I have extensively used ToR in my line of work and in my personal time have ran many Relays and Exit Nodes.

Firstly. The Dark Web / Deep Web are incorrectly stated as "ToR" However, anything that is referred to the aforementioned is anything that isn't indexed by a search engine, such as Google (Surface Web).

Did you know that the surface web makes up for a relatively small fraction of what the internet holds? Think about that for a second. :)

A lot of information on the deep web is accessible without the need for ToR - You just need to be able to find it as it isn't indexed.

ToR

ToR - The Onion Router as it's called is a low-latency anonymity network that is ran by world wide volunteers such as myself and funded by donations with a small percentage by the US Navel Research Laboratory.

The reason why it's called The Onion Router is because of how it works:

You have what is called Nodes. They are comprised of Entry Node, Middle Relay Nodes and an Exit Node.

On a standard configuration, you usually connect to around 3 or 4 of these Nodes. One Entry Guard/Node > 2 Middle Relay > Exit Node

A graphic to demonstrate this is below:

tor-100364318-medium.idge.png



This is called a ToR Circuit.

Each packet of information you send trough this network has been encrypted with layers of encryption. Each Node decrypts one layer of of encryption and it is then passed on to the next node (Middle Relay) and that decrypts the next layer of encryption and so fourth until it reaches the exit relay.

The exit relay is the final node in the circuit. This node decrypts the final layer of encryption before it is passed to the destination address (oc3d.net) for example. This exit relay is what you will appear to reside from and is the address of which server administrators will see.

Once a ToR Circuit has been established, the relays and exit nodes do not have any knowledge of your real IP Address. This is due to the fact that once you are connected to the ToR network, after the first part of the traffic is sent to the next middle relay, the next middle relay only has IP information of the previous middle relay and so fourth, catch my drift?

The purpose of this is to masquerade traffic origin. I can trace the exit node perfectly fine, but from then on it is futile to trace back further as the ToR Relays has no knowledge of the origin IP and the client rebuilds ToR Circuits to maximize anonymity and to reduce traffic correlation attacks.

Unfortunately, as the Exit Relay is the final piece in the jigsaw and finishes the decryption of the packet, it is therefore able to see everything that the user is doing. However, with the nature of the ToR network it is unable to tell who.

The ToR Network is very safe in terms of remaining anonymous. You hear of these news stories about how the FBI etc have been able to track users. Well this is because of client side attacks. That person was a little silly and either divulged personal information or did not use the ToR Browser Bundle. You can use any browser with the ToR network, but you must be able to configure it correctly, The ToR Browser Bundle is actually pretty good. The clientside attacks I am referring to are Javascript based attacks etc. When I visit a website, cookies and caches are stored for example. Most users got caught because what happened is that they used ToR did what they did but then used that same browser to browse the internet without ToR and as such those cookies/javascript/etc phoned home and thus revealed the true IP of that user.

To prevent this type of attack, Tails is highly recommended if you are unsure on how to properly protect yourself.

With regards to the web browsers and ToR. Web Browsers are clients used to parse the WWW. ToR is a network that is used to connect to using the ToR Client. You are able to browse the WWW and .onion sites. Onion sites are websites that only reside on the ToR Network, and as such you need to connect to that network to be able to access them. Although, you can get ToR2Web services which proxy ToR to the Clearnet.

The ToR Network is the ideal place for uncensored content, as it's hard to track and trace origin servers that host this content as they work and host content in the same way as how ToR user connects.

I can go more in depth with regards to ToR, but I tried to keep it as high level as possible for you to understand.

I have written an an easy to follow guide that you can read in order to help protect tracking online and regain some privacy online using Firefox.

https://infosecdroogs.co.uk/privacy-on-the-web/
 
Last edited:
just to clarify something else. the "darkweb" is just a name they gave any thing that you cant find via google or similar..
Many many places that arent at all sinister are in the DAAaaarrrK Webbbbb <-- Spooky voice.
But it just isnt that much of a story at all probably 90% or more of the internet is in the dark web. And nothing illigal about visiting parts of it.

of course there are seedy activities which are online which the users would want to keep off of search engines and so they are also in the spooky dark web..
But generally speaking its just the internet.

I have a web server running right now. All it is doing is hosting a html page so one of the people who play asetto corsa with us can have access to the cfg files and edit them before monday to change the cars so i dont have to do everything..

the only way to access this html page is if i gave you the url. You cant find it with a search. So its in the spooky dark web!
 
Last edited:
You must log in or register to reply here.

Similar threads

J
Is LTT forum is choke full of spooks ?
Replies
5
Views
476
hmmblah
hmmblah
AlienALX
The Fairchild Ghost subwoofer project
2
Replies
34
Views
570
AlienALX
AlienALX
AlienALX
For Robbie.
Replies
4
Views
93
AlienALX
AlienALX
J
New Zen6/Zen6c details ?🙄
Replies
1
Views
249
Dicehunter
Dicehunter
P
Do some people never learn from the past?
Replies
2
Views
849
Pugsport
P
Back
Top