Changes between Version 100 and Version 101 of AnonymityModule


Ignore:
Timestamp:
Jul 7, 2011 11:30:18 AM (13 years ago)
Author:
jhudson
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • AnonymityModule

    v100 v101  
    9393
    9494=== Direct Client-to-Server Traffic ===
    95 Then type the command `sudo tcpdump -i eth0 -s 0 -x -w /tmp/direct.pcap` and then`cp /tmp/direct.pcap .` This will begin listening to the traffic that comes through this node and that specific ethernet link, eth0 in the example, write the data out to the file direct.pcap in the tmp diretory, and then copy it into the users directory.  At this time, the person connected to Alice will enter the command `wget --no-proxy http://server1/cgi-bin/ip.cgi` This saves a local copy of the web page set up on the server, and by doing so generates HTTP traffic to examine. We were able to listen in on this traffic thanks to the `tcpdump` command. We'll analyze what this data looks like and can tell us at a later time.
     95Then type the command `sudo tcpdump -i eth0 -s 0 -x -w /tmp/direct.pcap.` This will begin listening to the traffic that comes through this node and that specific ethernet link, eth0 in the example, write the data out to the file direct.pcap in the tmp diretory.  At this time, the person connected to Alice will enter the command `wget --no-proxy http://server1/cgi-bin/ip.cgi` This saves a local copy of the web page set up on the server, and by doing so generates HTTP traffic to examine. We were able to listen in on this traffic thanks to the `tcpdump` command. Then the users connected to Server1 will enter the command `cp /tmp/direct.pcap .` This will copy the file with the sniffed data into the users directory. We'll analyze what this data looks like and can tell us at a later time. However if you want to analyze this data now before we sniff more, proceed to Step 3 on this page.
    9696
    9797=== Client-to-Server Traffic through a Proxy ===
    98 Now we'll use a proxy to make this traffic a bit more anonymous.  A proxy will mask the source and destination of the traffic from both the client and the server by working as a go between for the two nodes.  Repeat the `tcpdump` command `sudo tcpdump -i eth0 -s 0 -x -w /tmp/throughproxy.pcap` and then `cp /tmp/throughproxy.pcap .` from the server node. However, now the user connected to Alice should enter the command `env http_proxy=http://proxy:8888 wget http://server1/cgi-bin/ip.cgi` This command changes an environmental setting and sends the `wget` command through the proxy on port 8888.  Thanks to the `tcpdump` command, we have a copy of this traffic as well.
     98Now we'll use a proxy to make this traffic a bit more anonymous.  A proxy will mask the source and destination of the traffic from both the client and the server by working as a go between for the two nodes.  Repeat the `tcpdump` command `sudo tcpdump -i eth0 -s 0 -x -w /tmp/throughproxy.pcap.` However, now the user connected to Alice should enter the command `env http_proxy=http://proxy:8888 wget http://server1/cgi-bin/ip.cgi` This command changes an environmental setting and sends the `wget` command through the proxy on port 8888.  Thanks to the `tcpdump` command, we have a copy of this traffic as well. Then the user on the Server1 node should enter `cp /tmp/throughproxy.pcap .` This saves us a copy of the data.
    9999
    100100=== Client-to-Server Traffic through Tor ===
    101101We will now use [https://www.torproject.org/ Tor] to
    102 onion route the data. As the name suggests onion routing alters the data flow through a minimum of 3 relays, each adding another layer of anonymity, because the packets of data only know the address of the next relay and the previous relay. Repeat the `tcpdump` command `sudo tcpdump -i eth0 -s 0 -x -w /tmp/throughtor.pcap` and `cp /tmp/throughtor.pcap .` from the server node. Now, the user on Alice should use the command `torify wget http://server/cgi-bin/ip.cgi` 
     102onion route the data. As the name suggests onion routing alters the data flow through a minimum of 3 relays, each adding another layer of anonymity, because the packets of data only know the address of the next relay and the previous relay. Repeat the `tcpdump` command `sudo tcpdump -i eth0 -s 0 -x -w /tmp/throughtor.pcap` . Now, the user on Alice should use the command `torify wget http://server/cgi-bin/ip.cgi .` And then `cp /tmp/throughtor.pcap .` from the server node.
    103103
    104104