DNS and Tor Network Basics Quiz

Questions and Answers

What does TTL in a DNS resource record represent?

The total time for data retrieval

The time until the resource record is deleted

The transaction time for DNS queries

The time to live for the resource record (correct)

Which of the following types of DNS records provides the hostname of an authoritative DNS server?

Type A

Type NS (correct)

Type MX

Type CNAME

In a DNS message format, what is the purpose of the authoritative flag?

Specifies if the query was recursive

Confirms the response is valid

Indicates the response is final

Designates the server as the main server for that record (correct)

What information is contained in the question section of a DNS message?

The name being queried and type of question

Which type of DNS record provides the canonical name for an alias hostname?

Type CNAME

What program is commonly used to send DNS queries from various platforms?

nslookup

Who enters a domain name into the DNS database?

A registrar

What section in a DNS reply contains the resource records for the queried name?

Answer section

What command is used to hash a password for the Tor configuration file?

tor --hash-password your_password

What does the torsocks command facilitate in the Tor network?

It allows the Tor client to reach the Directory Authority for a list of relays.

Which of the following components does NOT install with the Tor package?

tor-browser

How often does each Tor relay send information about itself to the Directory Authorities?

Every 18 hours

Where can the Tor configuration file be found on a Linux system?

/etc/tor/torrc

What is the default port number for the Tor SOCKS proxy server?

9050

What is the role of Tor Directory Authorities?

To maintain a list of available relays and their IP addresses

What is the primary function of the curl command in relation to Tor?

To transfer data using various protocols while utilizing Tor's anonymity

What is a significant limitation of the PTW attack method?

It can only crack 40 and 104 bit keys.

What is not a step you perform before executing the attack using aircrack-ng?

Inject and replay the ARP packets.

What command is used to create a Monitor Mode of the wireless interface?

airmon-ng

Which command would you use to inject and replay ARP packets during the attack?

aireplay-ng -2 -p 6000 -c FF:FF:FF:FF:FF:FF -b xx:xx:xx:xx:xx:xx -h 00:11:22:33:44:55 mon0

What function does the aircrack-ng tool serve?

To crack WEP encryption keys.

What should you do after capturing approximately 100,000 packets during the attack?

Kill both jobs and run aircrack-ng.

What is the purpose of the registrar in the domain name registration process?

To ensure NS and A records are entered into TLD servers

How does one distinguish the newly created Monitor Mode interface from the Managed Mode interface?

By assigning it a different MAC address.

Which file is the primary location for DNS-like naming services on a private home network?

/etc/hosts

What command is used to restart the network service after changing network configuration files?

sudo /etc/init.d/network restart

Which of the following is not part of the steps required for setting up the attack using aircrack-ng?

Identifying the AP's IP address.

What does the file /etc/resolv.conf primarily contain?

List of authorized DNS servers

Which statement is true about the /etc/host.conf file?

It specifies the order of source mappings

What do root servers primarily respond with?

Top Level Domain (TLD) DNS server addresses

How many root servers are there at the top of the DNS hierarchy?

13

What type of malware is associated with altering DNS settings in the system?

DNSChanger

What is the primary function of the Domain Name System (DNS)?

To translate hostnames to IP addresses

Which protocol does DNS typically operate over?

UDP on port 53

What is the purpose of host aliasing in DNS?

To create more memorable domain names from canonical names

In the context of DNS, what does MX record stand for?

Mail Exchanger record

What is a potential advantage of load distribution in DNS?

It offers redundancy for server failures

Which aspect of DNS caching can contribute to security vulnerabilities?

It may lead to DNS cache poisoning attacks

What is the significance of the IP address being read from left to right?

It provides increasing specificity about host location

What process is used to ensure both confidentiality and authentication in PGP?

Creating a digital signature using the hash code of the plaintext

What encoding method does PGP use for message transmission to ensure email compatibility?

Base64 encoding

What type of keys do individuals maintain in their 'Private Key Ring' within PGP?

Paired public and private keys

How is the key ID related to the public key in PGP?

It comprises the least significant 64 bits of the public key

What algorithm is used in PGP to encrypt private keys?

CAST-128 algorithm

Which component helps assess trust in public keys among different users in PGP?

Web of Trust

What cryptographic function is used to hash the user-entered passphrase for private key encryption in PGP?

SHA-1 hashing

What does the segmentation facility in PGP primarily help with?

Transmitting messages within the size limits of email systems

Study Notes

Network Security Lecture Notes

• The lecture was on DNS Security.
• References were provided: Kurose's section 2.4 and Kak's Lecture Notes 17.
• The lecture outlined topics including host identifiers, DNS services, how DNS works, DNS caching, DNS message format, DNS on Linux, DNS cash poisoning attacks, and attacks.
• Host identifiers include names, social security numbers, and driver's license numbers.
• In a given context, one identifier may be more appropriate than another.
• An Internet host identifier is its hostname (e.g., www.facebook.com; www.google.com).
• An Internet host is also identified by IP addresses (e.g., 121.7.106.83).
• Scanning IP addresses from left to right provides more information about the host's location on the Internet.
• The Internet's domain name system (DNS) translates hostnames to IP addresses, and is a distributed database implemented in a hierarchy of DNS servers.
• DNS uses an application-layer protocol to allow hosts to query the distributed database.
• The DNS protocol runs over UDP and uses port 53.
• DNS servers are often UNIX machines running BIND software.
• DNS is employed by other application-layer protocols to translate user-supplied hostnames to IP addresses (e.g., HTTP, SMTP).
• DNS provides host aliasing to create more mnemonic hostnames.
• An example of host aliasing is relay1.west-coast.enterprise.com; alias: www.enterprise.com.
• Mail server aliasing (MX record) allows a company's mail server and Web server to have the same host names.
• Load distribution occurs among replicated servers which use different IP addresses; these addresses are rotated within replies.
• On UNIX machines, gethostbyname() is the function call to perform DNS translation.
• A simple DNS design would have one centralized server holding all mappings; however, this doesn't scale.
• DNS hierarchy has root, top-level domain (TLD), and authoritative servers; with more than 1000 root servers.
• TLD servers handle top-level domains like com, org, net, edu, and country-specific top-level domains.
• Authoritative DNS servers provide IP addresses for specific organizations or hosts.
• A local DNS server acts as a proxy, forwarding queries through the DNS hierarchy.
• DNS queries can be iterative or recursive.
• DNS caching improves delay performance, reducing the number of DNS messages.
• The local DNS server will implement caching.
• DNS servers discard cached information after a set time period (often two days).
• Root servers are mostly bypassed during queries due to caching.
• DNS records, or resource records (RRs), are a four-tuple (Name, Value, Type, TTL) with TTL being the time to live.
• Type A records associate a hostname with an IP address.
• Type NS records provide the hostname of an authoritative DNS server.
• Type CNAME records provide canonical hostnames for alias hostnames.
• Type MX records provide the canonical name of a mail server.
• DNS messages have a header (12 bytes), a question section, an answer section, an authority section, and an additional information section.
• nslookup is a program that can query any DNS server.
• Many Web sites allow remote nslookup use.
• ICANN is responsible for accrediting registrars.
• Registrars verify domain uniqueness and enter domain names into the DNS database.
• DNS on Linux involves /etc/hosts (a host table the name resolver program checks).
• /etc/resolv.conf lists the name servers to use.
• DNS hijacking (DNSChanger malware in 2012) is malware that alters the /etc/resolv.conf file, redirecting to a rogue DNS.
• DNS Organization
• At the top of the hierarchy, there are 13 root servers.
• The file /usr/share/dns/root.hints is installed with BIND9.
• Root servers are accessible through commands like dig.

DNS Caching

• DNS extensively uses DNS caching to improve performance, decreasing the delay, and minimizing the number of DNS messages repeatedly processed through the Internet.
• DNS servers maintain cached mappings locally for host names, even if not authoritative
• DNS servers discard cached information periodically, often after two days.
• DNS caching also significantly reduces unnecessary traffic to root servers.

DNS Record and Messages

• A resource record (RR) stores information about network resources, including their names and IP addresses.
• It's a four-tuple: (Name, Value, Type, TTL).
• If Type=A, then the Name is a hostname and the Value is its IP address.

DNS Message Format (1/2)

• Query and reply messages have a common format.
• Header (12 bytes) includes fields for identifying the query.
• Includes 16-bit query/reply flag, authoritative flag, recursion-desired flag, and recursion-available field.
• Four fields (numeric) indicate the occurrence count of data sections.

DNS Message Format (2/2)

• The question section contains the queried hostname and type (e.g., Type A, Type MX) of the question.
• The answer section contains resource records of the queried name.
• Authority section stores records of other authoritative servers.
• Additional section contains extra helpful records.

DNS Services

• DNS provides useful services; host aliasing, mail server aliasing, and load distribution.
• Host aliasing creates more user-friendly hostnames.
• Mail server aliasing allows a company to use the same hostname for both mail and web servers.
• Load distribution among replicated servers dynamically rotates IP addresses in replies.

DNS Vulnerabilities

• Phishing and pharming are common email-based attacks that fraudulently gather sensitive information.
• DNS cache poisoning attacks manipulate DNS servers into providing incorrect IP addresses for specific host names, directing users to malicious web sites.
• BIND versions predating BIND9 are vulnerable to cache poisoning attacks, because of the vulnerability of using a 16-bit Transaction ID integer.

Transaction ID

• An application requesting a symbolic hostname sends a DNS query with a Transaction ID.
• The receiving nameserver returns the answer with the same Transaction ID integer, aiding the recipient in matching replies.
• The IDs in earlier versions of BIND were not randomized, which allowed vulnerability to attacks.

Example Attack Steps (1/2)

• An attacker can poison the cache of a DNS server to redirect users to malicious websites.
• The attacker crafts specially-designed responses to flood the server, which are more likely to match the receiver's Transaction ID.

Example Attack Steps (2/2)

• The attacker needs the source port used by the targeted DNS server to send queries.
• Attackers know that BIND reuses ports for the same host.
• The attacker tests and observes the source port.

Script for DNS Cache Poisoning Attack

• UDP packets containing specific payloads and Transaction IDs must be manually crafted to execute a DNS cache poisoning attack.
• Successfully carrying out such an attack requires a set of spoofed DNS Transaction IDs and a correct guess for the destination port.

Dan Kaminsky's Attack, 2008

• A caching nameserver vulnerability allows an attacker to access records of non-existent host names.
• Attackers flood the server with spoofed replies related to invalid hostnames.
• The cache then incorrectly stores and presents these as valid resources.

DNS Poisoning Fix

• Randomizing the ports for queries, avoiding repeated port use during requests, is one method to counteract attacks.
• Nameservers should use a bailiwick check to verify that returned resource records (RRs) are relevant to the original query and to the specific hostname.

DNS Attack, 2002

• A distributed denial-of-service (DDoS) attack using ICMP ping messages targeted 13 root DNS servers to flood and overwhelm the servers.
• Many DNS servers had packet filters configured to block ICMP ping messages, mitigating much of the attack's effect.

DNSChanger Malware, 2012

• DNSChanger malware alters the /etc/resolv.conf file, rerouting DNS requests to rogue servers.

DNS Attack, 2016

• A massive DDoS attack directed at the DNS provider Dyn.
• The attack, believed to be carried out by a botnet of IoT devices infected with Mirai malware, caused outages among major Internet services (e.g., Amazon, Twitter, Netflix, GitHub, and Spotify).

WiFi Security

WiFi Architecture (1/4)

• The fundamental building block for a WiFi network is the Basic Service Set (BSS).
• A BSS comprises one or more wireless stations and a central base station called an access point (AP).
• Each 802.11 wireless station has a 6-byte MAC address, embedded in the firmware of the station's network adapter.
• Each access point (AP) also possesses a MAC address for its wireless interface.
• IEEE standards dictate unique MAC addresses for each device.

WiFi Architecture (2/4)

• In setting up a WiFi network, a network administrator assigns a unique Service Set Identifier (SSID) to each access point.
• Channels are also assigned to each AP.
• The 802.11 standard operates within a frequency range of 2.4GHz to 2.4835GHz, with 11 partially overlapping channels.
• A "WiFi jungle" describes a physical space where a wireless station receives strong signals from multiple access points.

WiFi Architecture (3/4)

• Each access point (AP) is located within a distinct IP subnet.
• A wireless device establishes a connection with only one AP within its range.
• The connection is established by an access point sending out beacon frames which include its SSID and MAC address.
• The device scans the 11 channels to find these beacon frames.
• This scanning method is referred to as passive scanning.

WiFi Architecture (4/4)

• A wireless device can conduct active scans by transmitting a probe frame, after connecting to an AP it executes a DHCP discovery message.
• The device authenticates itself to the AP using its MAC address or username and password verification.
• The AP can use RADIUS or DIAMETER protocols to communicate with the authentication server.

WiFi Standards

• IEEE 802.11 standard specifies the frame structure, medium access protocol standards, and internetworking for Ethernet connections.
• Different 802.11 standards are available, with differing maximum data rates and operating ranges.

WiFi Frame

• The payload in a WiFi frame consists of an IP datagram or an ARP packet.
• The frame has four address fields, each capable of holding a 6-byte MAC address.
• Three address fields are needed to transport data from a wireless device to an access point (AP) and then to a network router.
• The fourth address field is used in ad hoc mode.
• The WEP field indicates whether encryption is used.

WiFi Security Services

• WiFi security involves mutual authentication between the access point (AP) and mobile device as well as encryption processes.
• Mutual authentication verfies the identity and access levels of communicating devices.
• Encryption ensures the security of private data using symmetric encryption keys.

WiFi Authentication (1/5)

• The access point (AP) functions as a pass-through device, mediating authentication and key exchange activities between the mobile device and the authentication server.

WiFi Authentication (2/5)

• In the discovery phase, the AP advertises available authentication and encryption methods to the mobile device.
• The mobile device then requests the desired authentication and encryption methods.

WiFi Authentication (3/5)

• Mutual authentication and shared symmetric key derivation occurs when the authentication server and the mobile device already share a common secret key.

WiFi Authentication (4/5)

• For the shared symmetric session key to be distributed, a protocol that allows the authentication server to communicate the key to the AP is required.

WiFi Authentication (5/5)

• Encrypted communications between a mobile device and a remote host, mediated by the AP, occur using the established, shared session key.

WiFi Security Standards

• Wired Equivalent Privacy (WEP) contains multiple security flaws.
• WiFi Protected Access (WPA1) was developed in 2003 to correct WEP's weaknesses, utilizing AES symmetric key encryption.
• WPA2 protocol builds on WPA1 using AES in the Counter (CTR) mode.
• Mutual authentication and shared symmetric session-key derivation are performed with a four-way handshake protocol.
• WPA3 is a later upgrade of WPA2 and is an improvement to address vulnerabilities that existed in earlier protocols.

Four-way Handshake Protocol (1/2)

• Mutual authentication and the derivation of a shared symmetric key are accomplished in the initial stages of the four-way handshake.
• Further steps help derive a second key for enabling group communication.
• The mobile device (M) and the authentication server (AS) start by sharing a common secret (e.g., a password).
• The use of a shared secret and cryptographic hashing help authenticate both entities.

Four-way Handshake Protocol (2/2)

• The authentication server (AS) generates a nonce (Nonce_AS).
• The nonce is sent to the mobile device (M), which then generates its nonce (Nonce_M).
• The entities then derive and share a symmetric session key (K₁₂₋AP) based on Nonce_AS, Nonce_M, pre-shared secret (e.g., a password), the mobile device's MAC address, and the authentication server's (AS) MAC address.
• The authentication server notifies the access point (AP) of the generated key.

WiFi Vulnerability

• Various security vulnerabilities are associated with the WEP protocol.
• The flaws in WEP include a weakness in the key scheduling algorithm of RC4 which were attacked and discovered by Fluhrer, Mantin, and Shamir, which are known as the FMS attack.
• The Klein attack exploits strong correlations in the byte sequences and plaintext/ciphertext pairs.
• The PTW attack also exploits flaws in WEP but is more efficient.

RC4 in WEP (1/3)

• The WEP protocol uses RC4 stream cipher, encrypting each packet individually, using the 24-bit initialization vector (IV) and the root key (AP security code) to derive the RC4 key.
• The IV, which is transmitted, limits security.

RC4 in WEP (2/3)

• The root key remains constant across packets, while the IV is incremented sequentially.
• WEP specification used 40-bit and 104-bit root keys for this purpose.

RC4 in WEP (3/3)

• The limited length and fixed nature of the IV are crucial weaknesses in the WEP protocol because, the use of the same key stream in multiple packets allows the attacker to successfully predict the keystream for the entire session.
• The first three bytes of the key are sent in plain text. This allows for attacks to easily recover the key.
• In short, WEP’s design is inherently vulnerable due to reuse of the key stream.

WPA

• WPA enhances security by using a longer 48-bit Initialization Vector (IV)
• WPA uses AES in the CTR mode to counter weakness in the RC4 stream cipher used in WEP.

WEP Attacks

• FMS Attack (2001): exploiting a weak key algorithm, this attack required substantial amounts of data to recover the key from the algorithm .
• Klein Attack (2008): This attack, which is based on the strength of correlation in the output of the RC4 pseudo-random byte generation method, required using plaintext-ciphertext pairs.
• PTW Attack (2007): Improved earlier attacks, needing less data volume to retrieve the key.

aircrack-ng tool

• Aircrack-ng provides fast recovery of WEP encryption keys.
• It establishes fake associations and authentications to access points with a wireless interface.
• It uses replay attacks to gain a large collection of ARP packets from the target, using different initialization vectors.

Before the Attack

• Obtain the access point's MAC address and operating channel using the iwlist command.
• Establish a monitor mode for the wireless interface using the airmon-ng command
• Assign a unique MAC address to the monitor mode wireless interface using the macchanger command.

The Attack Steps

• Run StartMonitorModeInterface.sh in the first step (root level privilege).
• To execute a replay attack, use aireplay-ng (root level privilege)
• Run aircrack-ng to recover the WEP key, which requires storing a sufficient number of ARP packets in a file for processing.

Assignment 3

• How to set a WiFi authentication server using RADIUS or DIAMETER?
• Carry out a Wireshark ARP lab.
• Use the aircrack-ng tool as assigned.

Email Security

Email Security Overview

• E-mail is a popular asynchronous communications medium employed by both individuals and organizations who can send and receive messages at convenience with no need to pre-schedule communications.
• E-mail systems are composed of the following components: user agents, mail servers, and the Simple Mail Transfer Protocol (SMTP). These components provide the necessary functions and procedures to deliver messages efficiently across the Internet.

e-mail components

• E-mail is an asynchronous communications medium that allows users to send and receive messages regardless of schedules, synchronizing communications to the benefit of participants.
• E-mail systems commonly consist of user agents, mail servers and the Simple Mail Transfer Protocol (SMTP)

User Agents (1/2)

• User agents provide users with the ability to interact with emails.
• Users can perform various functions on the emails using user agents, such as reading, replying, forwarding, saving, and composing messages.
• Examples of these agents include Microsoft Outlook, Apple Mail, and web-based Gmail applications.

User Agents (2/2)

• The user agent sends messages to the mail server when the sender finishes composing the message.
• Messages are stored in an outgoing queue.
• The receiver's user agent retrieves messages from the user's mailbox.

SMTP (1/5)

• SMTP (RFC 5321, 1982) is the backbone of email exchange.
• SMTP is a reliable, TCP-based protocol used in email communication.
• SMTP allows for the reliable transfer of messages between different servers.
• Both the client and server sides are involved in an email exchange.
• When a server sends mail to another server, it assumes the role of a client.
• Conversely, when a server receives mail, it acts as a server.

SMTP (2/5)

• SMTP restricts email bodies to 7-bit ASCII.
• Binary data must be encoded before transmission in ASCII for processing and subsequently converted back to binary.
• Email messages are processed without intermediaries between the sending and receiving mail servers, no matter the distance separating them.

SMTP (3/5)

• Email clients leverage TCP to establish a connection to the server (e.g., port 25 for SMTP transfer).
• SMTP requires an initial handshake for the email client and server to introduce each other.
• TCP ensures error-free message transmission, so that message delivery is reliable.

SMTP (4/5)

• Client commands, such as HELO, MAIL FROM, RCPT TO, DATA, and QUIT, are used to establish the dialogue between a client and SMTP server.
• Commands like these are used and exchange information in the format of keywords followed by values with a colon as the separator.
• The header provides necessary information such as “From”, “To”, “Cc”. The body incorporates message contents

SMTP (5/5)

• The sender's user agent (e.g., email client) uses SMTP or HTTP protocols to deliver an email to the sender's server.
• Email clients use HTTP if the receiver has Web-based email access protocols.
• SMTP is also commonly used for sending messages.

e-mail confidentiality (1/2)

• To ensure secure communications: confidentiality, sender authentication, message integrity, and receiver authentication.
• Alice, the sender, selects a random symmetric key (Ks).
• Encrypts her message (m) using the symmetric session key (Ks).
• Encrypts the symmetric key (Ks) with Bob's public key (KB) concatenating this encrypted symmetric key with the encrypted message, m.
• Sends the result to Bob's email address.

e-mail confidentiality (2/2)

• Bob receives the message.
• Bob uses his private key (KB) to decode the encrypted session key (Ks).
• He decrypts the message (m) using the extracted symmetric session key (Ks).

e-mail sender authentication and message integrity (1/2)

• Sender authentication and message integrity are implemented using digital signatures.
• The sender uses a hash function (H) to produce a message digest and signs it using their private key to create a digital signature.
• They combine the original message with the signature to create a package.

e-mail sender authentication and message integrity (2/2)

• Bob receives the message and decodes the signature using the sender's (Alice's) public key (KA).
• Bob compares the message's resulting hash to his generated hash for the message.
• If they match, Bob is sure that the sender is legitimate, and the message's integrity is upheld.

PGP

• PGP, created by Phil Zimmermann in 1991, is a popular email encryption standard.
• PGP uses cryptographic techniques like MD5 or SHA for message digests, and encryption algorithms like CAST, Triple DES, or IDEA.
• Using an RSA encryption mechanism it allows user authentication and digital signatures, thereby ensuring confidentiality and integrity of a message.
• PGP creates an asymmetric (Public and private) key pair. The public key can be shared with others whilst the private key is kept secure.

PGP Web of Trust

• PGP's design separates public key certification.
• Direct trust and authentication are established through a web of trust in which users physically gather, exchange public keys, and certify each other.

PGP tool

• The gpg --gen-key command generates PGP public and private keys for email encryption and authentication.
• The gpg tool is also a utility for managing keys and encryption.

E-mail Standards

• RFC 5322 (Internet Message Format, 2008) defines standard email message formats.
• MIME (Multipurpose Internet Mail Extensions) extends the basic email format to support more diverse content types, including multimedia files.
• S/MIME (Secure/MIME) strengthens MIME, allowing encryption enhancements, improving message security.

Internet Mail Architecture

• Key components of the Internet mail system – Message User Agent (MUA), Mail Submission Agent (MSA), Message Transfer Agent (MTA), Mail Delivery Agent (MDA), Message Store (MS)
• Standard protocols: SMTP (Simple Mail Transfer Protocol), TCP (Transmission Control Protocol), POP3 (Post Office Protocol version 3), and IMAP (Internet Message Access Protocol).

E-mail Format

• RFC 5322 defines the standard format for email messages (i.e. headers, body).
• MIME (Multipurpose Internet Mail Extensions) allows email messages to contain various multimedia formats, and secure data formats.

Spam

• Spam is unwanted or unsolicited email.
• Some spam aims to steal information or spread further attacks.
• Legitimate businesses and organizations sometimes send emails that aren't relevant to the recipient.
• Spam filters employ statistical analysis (like Bayesian filters) and regular expressions to distinguish spam from non-spam.

Procmail

• Procmail is a program specifically designed to filter emails.
• It acts as a Mail Delivery Agent (MDA) on Linux/Unix platforms.
• The filters are formatted as recipes located in a config file (e.g,.procmailrc.)

Structure of an Email Message

• An email message is structured into an envelope (which contains information about sender and recipient addresses), header (provides details like sender address, recipient, date, and subject), and body (contains the message itself).

Email Authentication Protocols

• SPF, DKIM, and DMARC are crucial email authentication standards.

DNS TXT

• A TXT record in a DNS server provides a platform for domain administrators to place any crucial or required info regarding the relevant domain itself.
• Email authentication heavily relies on TXT records within DNS servers.

SPF

• SPF (Sender Policy Framework) is an email authentication procedure used by an organizations sending email.
• It is implemented by placing specific entries within the assigned DNS servers for the organization.
• SPF records are used to verify the legitimacy of email sending.

DKIM

• DKIM (DomainKeys Identified Mail) is an email authentication process performed between two different servers.
• A public key is stored in a DKIM TXT record.
• The receiving MTA uses this key to authenticate the incoming email to confirm that it was indeed sent by the domain it originated from.

DMARC

• DMARC (Domain-based Message Authentication Reporting and Conformance) sets policies for handling emails that have been processed by both SPF and DKIM standards but have been found to be invalid or failed.
• It specifies how email should be handled if the authentication procedures (SPF and DKIM checks) fail.

Assignment

Anonymity Services

• Prerequisites include the cryptographic protocols SOCKS, TLS, and Privoxy.
• Tor (The Onion Router) offers multi-layered anonymity of communications, obscuring the sender and destination IP addresses.
• Tor utilizes a circuit-based protocol with nodes, known as onion routers (ORs). Each layer only knows the node in front of it and the node that follows it in the circuit.
• Tor utilizes cells, which contain a header and payload, for transferring data. The cells may either act as control cells, or relay cells.
• Tor employs cryptographic processes for integrity checks, and also controls congestion and traffic configuration.
• Tor avoids compromising the identity of the user from the sending or the receiving party

Tor Features (1/3)

• Perfect forward secrecy: Ensures that compromising a single node within the Tor circuit does not compromise the identities of the sending or receiving parties. Previous and future communications will not be compromised.
• Separation of"protocol cleaning" from anonymity: This permits the use of different protocols without specific modifications. This allows for end-to-end verification of the integrity of the messages that are transmitted through the network, and it also reduces potential complications due to routing procedures.
• Leaky-pipe circuit topology: Enables traffic to exit the Tor circuit at alternate locations and helps to protect against attacks that attempt to trace communication pathways.

Tor Features (2/3)

• Directory servers: The nodes responsible for supplying information regarding Tor or onion routers. They maintain records of current status and directories for known routers.
• Variable exit policies: Each node within the Tor network declares a policy describing the hosts and ports towards which it will connect. This permits the user to define or change their connection parameters as necessary.
• Rendezvous points and hidden services: Tor provides a mechanism for anonymity. It is possible to connect to hidden services or servers that are hidden behind the Tor network.

Tor Features (3/3)

• Many TCP streams multiplexed over a single circuit: Tor allows the creation of multiple TCP streams on the same route. These many streams share, or are multiplexed to traverse the same circuit, allowing for a better resource usage.
• End-to-end integrity checking: Provides checks to detect modification of the transmitted data between the sending and receiving points, through the use of checksums.
• Congestion control: To reduce congestion during transmission.
• No mixing, padding, or traffic shaping: Tor does not apply any additional processing to packets, preserving the original data configuration .

The Tor Design

• Tor is a network of relays or nodes arranged in a circuit-based topology, and each of these nodes maintain a TLS connection to all other ones in the network.
• Each user accesses the network through a special proxy.

Cells (1/2)

• Data across the Tor network travels in fixed-size cells (512 bytes). Each cell is composed of a header and a payload. The cell has two specific varieties: relay and control cells.
• Relay cells are used for transmitting data while control cells provide essential commands such as creating, destroying, or modifying relay processes.

Cells (2/2)

• Multiple TCP streams may share the same circuit.
• Relay cells carry stream IDs, checksums, and explicit relay commands, along with the length of the payload.
• Data is encrypted or decrypted according to the circuit that the cell is on using an AES counter-chaining methodology.

Circuits and Streams

• Each Tor circuit is shared among multiple TCP streams.
• To minimize linkability, a new circuit must be generated on an approximately minute basis.
• The establishment of a circuit is carried out locally between successive nodes using cryptographic operations.
• The routing information of a circuit is only accessible to the nodes immediately preceding and succeeding any given node.

Constructing a circuit (1/3)

• The procedure starts when the user creates a new circuit by sending a create cell to an initial node.
• The first relay hop (Bob) will initialize a Diffie-Hellman (DH) handshake with the user.

Constructing a circuit (2/3)

• Alice sends a relay extend cell specifying the address of the successive node in the circuit from node to Bob.

Constructing a circuit (3/3)

• The handshake with the successive network nodes (e.g., Carol) involves using a shared symmetric encryption key to encrypt the process steps.
• Subsequent hops build upon the key to add another layer of encryption to the process until the final node is reached.

Opening and closing streams (1/2)

• To initiate a TCP connection the client will invoke the Tor onion proxy. This proxy establishes and relays the connection, but this is invisible to the destination server.
• The proxy determines the newest circuit and selects an exit node for this TCP connection.

Opening and closing streams (2/2)

• Some applications pass the alpha-numeric hostname to the Tor client while others resolve the hostname to an IP address first.
• This first step is necessary because the destination remote DNS server can be seen by the requesting party if the request is initiated via a DNS resolution method.
• The use of privacy-aware proxies like Privoxy is encouraged while establishing these connections.

Integrity checking on streams

• Tor utilizes TLS for integrity checks on all links using a cryptographic method known as Hashing (SHA-1)
• Each relay step receives a new key from the previous one and then, appends to the digest using the previous key.

Other design techniques

• Rate limiting and fairness
• Congestion control
• Rendezvous points and hidden services
• Resource management
• Exit policies
• Directory servers

Threat Model

• A passive adversary, one who observes or monitors network transmission, is the most common threat to Tor's anonymity design. They have the ability to watch a portion of data transmission or modification, and it also assumes that they have compromised access to a portion of the network nodes.

Passive attacks (1/2)

• Observing user traffic patterns does not reveal destinations or data content but discloses the volume of activity.
• Observing user content does not reveal data contents but it can determine connections to responsive parties using unencrypted connections.
• Distinguishability issues arise when clients who represent a minority group potentially reveal more information due to lower traffic volumes.

Passive attacks (2/2)

• End-to-end size or timing correlation are difficult to hide by Tor and may expose user behaviors and communication patterns.
• Website fingerprinting: multiplexed streams within the same circuit, providing limited protections,

Active attacks (1/2)

• Compromise keys: frequent key rotations mitigate the impact of compromised nodes in the Tor network.
• Iterated compromise: actively building circuits that traverse multiple jurisdictions makes regulatory control more difficult.

Active attacks (2/2)

• Run an onion proxy: compromising a proxy compromises connections that pass through it.
• DoS non-observed nodes: robustness is crucial in this case.
• Run a hostile Or: Observing a large number of nodes, he can correlate their traffic more aggressively.
• Introduce timing attacks into messages, enabling analysis of the transmitted traffic to expose communication patterns.
• Tagging attacks: Applying integrity checks will detect any tampering.
• Replace the contents of unauthenticated protocols, ensuring that the client always uses protocols with end-to-end authentication.
• Replay attacks are prevented by the use of current (randomly generated IDs).
• Smear attacks: Tor relies on volunteers who can tolerate political backlash; this can be a critical point.
• Distribute malicious code: All Tor releases are signed and are available in source code format. This is beneficial because anyone can test and examine the source.

Directory attacks

• Destroy directory servers: If a majority of servers is compromised, human intervention is required.
• Subverting a majority of directory servers: This would require an active attack against Tor nodes.
• Encourage directory server dissent: Creating conflicting camps or factions can aid in partitioning users.
• Tricking directory servers to list hostile nodes: A targeted attack to insert hostile nodes into the directory.
• Convincing directories a malfunctioning node works: An active attack trying to cause the directory servers to mistake a compromised node for a functioning one.

Tor in Linux (1/2)

• Obtain the Tor package from http://www.torproject.org .
• This package contains specific scripts and tools including tor-geoipdb (maps IP to country), torsocks (shell script for interacting with the Tor Proxy,) and the Tor SOCKS proxy server.

Tor in Linux (2/2)

• Customize the Tor config file (/etc/tor/torrc) to set the password hash or authentication settings.
• Configure Tor to act as a relay using a specific package (e.g. torouter).
• Setting up Tor to act as a bridge to improve anonymity. Modifying the configuration file (/etc/tor/torrc).

curl

• The curl command is a tool used for transferring data, including various protocols like HTTPS, IMAP, FTP, et cetera, via URLs.
• It can be run through Tor using the torsocks command to provide greater anonymity in transmitting and receiving data.

torsocks

• The torsocks command causes the Tor client (/usr/bin/tor) to contact a Directory Authority to gather a list of Tor relays.
• The Tor client then uses these relays to construct a circuit with which to transmit data to the destination IP address.

Blocking Tor (1/3)

• Tor Directory Authorities (DAs) serve crucial roles by keeping track of all active relay nodes.
• All relay addresses contained within the network are stored or hardcoded within each Tor client.
• Tor relays refresh the information they provide regarding themselves roughly every 18 hours.

Blocking Tor (2/3)

• A Python script can fetch this data regarding the relay nodes, allowing you to interact with a particular entry point or exit relay; this can also be used to bypass or configure access to a Tor proxy.
• Tor bridges are a distinct group of relays that enable connections without revealing to a directory authority.
• A Tor user can transform their client into a bridge in order for their communications to remain anonymous.

Blocking Tor (3/3)

• Tor uses Bridge Authorities and only contains partial information on the bridge relays.
• Firewalls can block these relays using Packet Inspection (DPI)

VPN (Virtual Private Network)

• Using a VPN to conceal your IP provides a measure of user anonymity.
• VPN servers likely maintain logs containing the connected IP addresses, effectively revealing the source IP.
• Many VPN providers employ fixed IP addresses which enable more targeted blocking from certain clients. Enhanced VPNs, such as VPN Gate, can offer more protection against blocking

Assignment

• SOCKS: How to socksify a web browser?
• What services do public proxies provide?
• Privoxy: Installation and configuration guide.
• Tor and Tor bridges: Experiment with Tor to use a bridge. This is found in section 20.5.1 of the book. Use this method in order for Tor to function.

Description

This quiz tests your knowledge of DNS resource records, DNS message formats, and the Tor network. It covers essential topics such as DNS record types, functions of DNS messages, and Tor configuration. Perfect for those wanting to deepen their understanding of network protocols.