Answers

Go back to Home Page

Rhaj V.

Upcoming employee in Tata Consultancy Services

see all my questions

How we can find misbehaving users in anonymizing networks like TOR, etc.,?

I need an apt answer for this question for helping my friend in her academic project..

posted 3 months ago in Computer Networking | Closed

Share This Question

Share This

Good Answers (5)

Charlie B.

Popwerful website security scanning made EASY

see all my answers

Best Answers in: Small Business (1), Computers and Software (1), Computer Networking (1), Databases (1)

This was selected as Best Answer

Depends what you mean by misbehaving users. If they are on your network and going outbound, you have a bit more control, but TOR is designed to be hard to crack. There are 2 known ways to get at TOR users.
1) Create a malicious TOR gateway exit node, and observe users behavior. many protocols leak information, such as bittorrent, which will allow you to find the original IP address. Other users will remain anonymous, though you can do packet inspection to check for useful information such as unencrypted email messages. TOR knows some exit nodes are malicious, and the protocol takes this into account. Still, it is the best known way to find users, and some TOR users have been exposed this way.
2) Track users on their PC. If you own the network, you can watch for TOR connections (may be hard to spot if they are jumping bridges often, but most don't) and find which machine is connecting to TOR. Then, install monitoring software on the PC itself. This can be done if you for instance own the PC, as in a work environment.

posted 3 months ago

Barry B.

Owner, Commercial Network Services

see all my answers

Best Answers in: E-Commerce (1), Web Development (1)

try running snort at your gateway

posted 3 months ago

Joe S.

Writer/Philosopher at Writer/Philosopher

see all my answers

Best Answers in: Work-life Balance (2)

If someone is careful about using it, you pretty much don't find them. You have to hope they make mistakes. For example, say someone uses Tor on a wireless access point to download some software. You trace it to the wireless access point IP, but it isn't theirs. What have you gained?

Your problem domain is not well defined. I don't know if this person is on a network you own, or someone else owns. I don't know if this is purely theoretical in the sense of "if protocols were to change how do we find misbehaving users".

posted 3 months ago

Antenore G.

Experienced Middleware and Unix specialist

see all my answers

Best Answers in: Computers and Software (1), Software Development (1)

You cannot or better you should not, as far as you identify a bad user you can, by extrapolation, identify the good one.
Anonymity is total or is not anonymity

posted 3 months ago

Brian F.

Sr Systems Engineer at VMware

see all my answers

There are an endless supply of misbehaving users on any given network... Focus on the root of the problem, weak security controls.

posted 3 months ago

Browse Categories

View All

Information Technology