Anonymous Security Scanning and Browsing
Download as PPTX, PDF1 like959 views
The document outlines the importance of online anonymity through tools like Tor, including its functionalities, configurations, and use cases for individuals and organizations. It emphasizes the significance of protecting privacy and trade secrets, while detailing potential information leaks through various applications. Additionally, it provides step-by-step instructions for configuring Tor and utilizing it with various penetration testing tools.
![Steps to Install
1. Install TOR
sudo apt-get install tor
2. Install proxychains
sudo apt-get install proxychains
3. Open /etc/proxychains.conf & add
[ProxyList] # add proxy here ...
# meanwile
# defaults set to "tor"
socks4 127.0.0.1 9050](https://image.slidesharecdn.com/annonscan-151009041733-lva1-app6891/85/Anonymous-Security-Scanning-and-Browsing-9-320.jpg)
Anonymous Security Scanning and Browsing
- 1. Anonymous Scan Topics to be Covered • Why to be Anonymous – Scans and Browsing • What is TOR • Socks Proxy , DNS Leaks • Using TOR – Browser Level , Terminal (config) • Proxy chains ( config) • Using Nmap, nikto, burp with Tor
- 2. Why to be Anonymous • Privacy reasons – Citizens • Business need to keep Trade Secrets, Network security • Govt – for its security • Military, Law enforcement orgs needs anonymity to get their job done • Anonymity isn't cryptography, steganography Operating Systems and Applications leak your info
- 3. Info. Getting leaked via • Browser Plug-in, Cookies, Extensions, • Shockwave/Flash, Java, QuickTime and even PDF
- 4. TOR “The onion router” • online anonymity software and network • open source, freely available • active research environment Estimated 3,00,000 daily Tor users
- 5. Works on Relay Principle Each node knows only the previous hop and the next hop. No node in the path can discover the full path
- 6. • TOR uses Onion Routing • Onion Routing technique for anonymous communication over a network. • Messages are encapsulated in layers of encryption.
- 7. Socks Proxy • It’s a Protocol / Socks – Socket Secure • A SOCKS server is a general purpose proxy server that establishes a TCP connection to another server on behalf of a client
- 8. TOR Browser Level • Download TOR • Run
- 9. Steps to Install 1. Install TOR sudo apt-get install tor 2. Install proxychains sudo apt-get install proxychains 3. Open /etc/proxychains.conf & add [ProxyList] # add proxy here ... # meanwile # defaults set to "tor" socks4 127.0.0.1 9050
- 10. Start and Test TOR 1. sudo service tor start (llly, stop and restart) 2. sudo tor status (to check the status) 3. sudo proxychains firefox www.ipchicken.com
- 14. DNS Leaks • traffic leaks outside of the secure connection to the network • Under certain conditions, • OS will continue to use its default DNS servers instead of the anonymous DNS servers • Results in DNS Leaks
- 15. Nmap, nikto • sudo proxychains nmap -sT –PN < IP address> • sudo nikto proxychains <host> • For all command line scans…..
- 16. Scan on abc.com
- 17. IP belongs china’s ISP
- 18. Burp suite • Install TOR • Go to <OPTIONS> • Set SOCKS as 127.0.0.1 9050 • NOTE : – Proxy settings in foxy proxy and burp suite will same as 127.0.0.1 8080