7
回編集
「Tor/en」の版間の差分
ナビゲーションに移動
検索に移動
細
編集の要約なし
>充電に強い新芋 (fix) |
細編集の要約なし |
||
| (5人の利用者による、間の7版が非表示) | |||
| 1行目: | 1行目: | ||
[[ファイル:Tor-logo-2011-flat.svg|306px|thumb|right| | [[ファイル:Tor-logo-2011-flat.svg|306px|thumb|right|Logo]] | ||
'''Tor''' is software that uses Internet anonymization technology. Tor has a long history, with the first version released on December 20, 2002<ref>[http://archives.seul.org/or/dev/Sep-2002/msg00019.html pre-alpha: run an onion proxy now!]</ref>. | '''Tor''' is software that uses Internet anonymization technology. Tor has a long history, with the first version released on December 20, 2002<ref>[http://archives.seul.org/or/dev/Sep-2002/msg00019.html pre-alpha: run an onion proxy now!]</ref>. | ||
== Overview == | == Overview == | ||
| 40行目: | 40行目: | ||
{{wpl|en:Penetration test|Penetration test}}, an operating system designed to test attacks on computer systems and equipped with various <strike>attack weapon</strike>tools. This is also to be installed using [https://www.virtualbox.org/ VirtualBox]. <strong>Naturally, it must not be diverted to attacks on sites operated by third parties.</strong> | {{wpl|en:Penetration test|Penetration test}}, an operating system designed to test attacks on computer systems and equipped with various <strike>attack weapon</strike>tools. This is also to be installed using [https://www.virtualbox.org/ VirtualBox]. <strong>Naturally, it must not be diverted to attacks on sites operated by third parties.</strong> | ||
* [[Parrot OS]] | * [[Parrot OS]] | ||
Kali | Like Kali Linux, this OS is designed for penetration testing. Unlike Kali Linux, Tor is bundled<ref>The Tor browser is only installed and does not make all communications via Tor, so it is necessary to anonymize communications separately using [https://github.com/ultrafunkamsterdam/AnonSurf Anonsurf] or other means</ref>. Although it is equipped with various <strike>weapon of attack</strike> tools, including a password [[karacking]] function, it is an OS intended only for checking the vulnerability of the site you operate, and must <strong>never be diverted to attacks on sites operated by third parties</strong>. It is out of the question to think that "cuz tor is enclosed it is best suited for attack"</strong>. | ||
* [https://blackarch.org/ BlackArch] | * [https://blackarch.org/ BlackArch] | ||
The same Arch Linux flavor for penetration testing is bundled with native Tor and Tor Browser. While Kali Linux and Parrot OS are based on Debian, this one uses Arch Linux. Therefore, it is not possible to run Anonsurf, but instead it is possible to run a script called [https://github.com/Edu4rdSHL/tor-router tor-router] to make all OS communications via Tor. The tor-router has been updated so that communication anonymising can be stopped without restarting [https://github.com/Edu4rdSHL/tor-router/commit/290d0b1e29a13a4e1d4f109a6a31bdd1da523dc9 (ab272cb)]. This commit is also reflected in the BlackArch repository, and tor-router is always available for installation with pacman, with full stopability in the algorithm. For more information on other secret tools, see [https://blackarch.org/defensive.html here]. | |||
=== | === Software used in conjunction === | ||
Software that is often used in conjunction with Tor-based software for improved convenience and confidentiality. <strong>Note that some of these by themselves will not be anonymized by Tor.</strong> | |||
* [https://github.com/PHProxy/phproxy PHProxy] | * [https://github.com/PHProxy/phproxy PHProxy] | ||
One of the so-called Webproxy. This alone is an extremely easy way to hide your raw IP from the site, but it also makes you less anonymous. If it is routed behind Tor, it is possible to access sites that deny the IP of the Tor exit node. | |||
* [https://github.com/Und3rf10w/kali-anonsurf/ Anonsurf] | * [https://github.com/Und3rf10w/kali-anonsurf/ Anonsurf] | ||
A script that makes all Linux communications via Tor/I2P on the OS itself, without passing through a virtual machine such as Whonix. Officially, Kali Linux is recommended, but it is not advisable to use it to attack others, saying '''i can attack via tor so there's no way ill be exposed'''. | |||
*[https://github.com/alobbs/macchanger GNU MAC Changer] | *[https://github.com/alobbs/macchanger GNU MAC Changer] | ||
Software for Linux that disguises your mac address. Prevents identity theft when connecting to public wifi, etc. Tails is included by default and is not required. | |||
*[https://github.com/aforensics/HiddenVM HiddenVM] | *[https://github.com/aforensics/HiddenVM HiddenVM] | ||
A tool that can be installed in Tails to use Virtualbox without leaving any evidence. <strong>It is out of the question to install Kali Linux, etc. and think that "cracking can be done in an anon env where no evidence is left behind".</strong> | |||
== | ==Uses of Tor== | ||
Tor is supposed to be used to protect free speech, and the [[悪芋|bad people]] who commit criminal acts do not deserve to use Tor.<ref>{{archive|1=https://www.cyberarts.tokyo/?p=167|2=https://archive.vn/G4p7G|3=Torは無敵か? - Tanaka Kazunari}}</ref> | |||
Therefore, just because anyone can easily use Tor Browser by simply downloading it from the official site does not mean that easy misuse is acceptable. | |||
Even more so, install [[Tails]] to leave no criminal traces on your computer, install {{wpl|Whonix|lang=en}}, where all OS-wide communication goes through Tor and no IP leakage occurs, use {{wpl| Kali Linux}}, set up a bridge node to hide the fact that you are using Tor from the provider, use a web proxy such as [https://github.com/PHProxy/phproxy PHProxy] to hide the fact that the site is accessed from Tor. Use a web proxy, wrap with tools such as [https://proxifier.com/ Proxifier] or [https://pkgs.org/download/proxychains4 Proxychains] to pass through a proxy, or use a no-log [[VPN]] together, etc. should not happen. | |||
It is obvious that the bad potato who intend to abuse the system should choose a server that supports {{wpl|en:User Datagram Protocol|UDP}} to [[セルフ開示|self-disclose]] the IP address, and it is obvious that it is not allowed to introduce a virtual environment to further increase anonymity. | |||
It is also out of the question to use [http://taruo.net/e/ Shindan-Kun] to check if you have succeeded in creating an anonymous environment, or to edit torrc to select a server in a country that is less susceptible to investigation. | |||
==Notes== | |||
Tor itself anonymizes only the '''communication path''', and it is possible to be traced by other means than IP addresses (e.g., talking about myself)<ref>This is especially true if you were talking about yourself in a raw IP</ref>. Note that Tor currently support only the TCP protocol; communications using other protocols, such as the UDP protocol<ref>like [https://en.wikipedia.org/wiki/WebRTC WebRTC] used mainly for streaming, online gaming, and simplex calls</ref> is blocked by the Tor nodes.<ref>[https://gitlab.torproject.org/legacy/trac/-/issues/7830 UDP over Tor]</ref> | |||
If you want to use the Tor network for UDP-Connection, you can use a method such as [https://www.whonix.org/wiki/Tunnel_UDP_over_Tor#Transporting_UDP_Tunnels_over_Tor_with_a_VPN VPN over Tor]. | |||
< | It is possible that traces of crimes committed using Tor will be found when crimes committed using raw IP are discovered and the PCs are seized by [[国セコ|police]]. ([[福山紘基|Fukuyama Hiroki]] is a prime example). There are also vulnerabilities in Tor-based software, such as those mentioned above, that could break anonymity,<ref>[[Facebook]] has been revealed to have provided the FBI with technology to exploit the Tails vulnerability {{archive|https://www.itmedia.co.jp/news/articles/2006/30/news078.html|https://archive.vn/f3LCH|Reference}}</ref> it is also important to note that if used incorrectly, anonymity can be compromised. | ||
Thus, just using Tor carelessly may eventually lead to painful consequences (as mentioned above, Fukuyama became a martyr because of this), so '''before using Tor or any software that uses it, you should thoroughly understand the various risks by reading the respective official documents<ref>[https://2019.www.torproject.org/docs/documentation.html.en Tor's official documentation]</ref>''' | |||
==torrc== | ==torrc== | ||
[[ファイル:サイバー犯罪条約加盟国.png|200px|right|thumb|{{wpl| | [[ファイル:サイバー犯罪条約加盟国.png|200px|right|thumb|member of {{wpl|Convention on Cybercrime|lang=en}}]] | ||
torrc is a file included in the Tor Browser that can be configured to specify nodes to be passed through. It is also possible to avoid [[開示|disclosure]] risks and increase anonymity by avoiding bad nodes<ref>[https://wired.jp/2007/09/13/%E5%8C%BF%E5%90%8D%E5%8C%96%E3%83%84%E3%83%BC%E3%83%AB%E3%80%8Etor%E3%80%8F%E3%81%AE%E8%90%BD%E3%81%A8%E3%81%97%E7%A9%B4%E2%80%95%E2%80%95%E5%A4%A7%E4%BD%BF%E9%A4%A8%E7%AD%89%E3%81%AE%E9%80%9A/ 匿名化ツール『Tor』の落とし穴(1) - 大使館等の通信傍受に成功]</ref> or setting nodes through countries with short log holding periods. | |||
Tails: <code>/etc/tor/torrc</code> Whonix-Gateway: <code>/usr/local/etc/torrc.d/50_user.conf</code> Browser: <code>tor-browser_ja-JP/Browser/TorBrowser/Data/Tor/torrc</code> Edit the file above with a text editor, etc. to set up the file. | |||
Below is an example description. For other options, see [https://2019.www.torproject.org/docs/tor-manual.html.en Tor project]. Also, use [http://www.kc.tsukuba.ac.jp/ulismeta/metadata/standard/cntry_code.html country code]<ref>Country code can be set by enclosing it in {}</ref>. If you are describing a server with an unknown country code, use {??}. | |||
NumEntryGuards 5 # | NumEntryGuards 5 #If UseEntryGuards is set to 1, the number of candidate EntryNodes is set to 5. Changing the 5 part does not change the number of nodes to go through. | ||
ExcludeNodes SlowServer,{jp},{gb},{us},{ca},{au},{nz},{de} # | ExcludeNodes SlowServer,{jp},{gb},{us},{ca},{au},{nz},{de} #Do not go through the specified node. | ||
ExcludeExitNodes {bg},{cz},{fi},{hu},{ie},{lv},{lt},{lu},{nl},{ro},{es},{se},{ch},{ru},{hk},{il} # | ExcludeExitNodes {bg},{cz},{fi},{hu},{ie},{lv},{lt},{lu},{nl},{ro},{es},{se},{ch},{ru},{hk},{il} #Do not set the specified node as Exit node | ||
StrictNodes 1 # | StrictNodes 1 #Strictly set Exclude or not; setting it to 0 sometimes breaks the setting. | ||
Note that setting too many ExcludeNodes will ''''conversely limit the number of nodes to be passed through, which will reduce randomness and anonymity'''. | |||
== | ==References== | ||
<references /> | <references /> | ||
== | ==See also== | ||
*[[0Chiaki]] | *[[0Chiaki]] | ||
*[[VPN]] | *[[VPN]] | ||
*[[ダークウェブ]] | *[[ダークウェブ|Dark web]] | ||
*[[Onionちゃんねる]] | *[[Onionちゃんねる|Onion channel]] | ||
*[[恒辞苑:な行#生IP| | *[[恒辞苑:な行#生IP|rawIP]] | ||
*[[Tails]] | *[[Tails]] | ||
*[[悪芋]] | *[[悪芋|Bad potato]] | ||
== | ==External links== | ||
*[https://www.torproject.org/ | *[https://www.torproject.org/ Official sites] | ||
*{{wpl|Tor}}([[Wikipedia]] | *{{wpl|Tor|lang=en}}([[Wikipedia]]) | ||
*{{twitterlink|NumberID=18466967|ID=torproject}} | *{{twitterlink|NumberID=18466967|ID=torproject}} | ||
*[http://www62.atwiki.jp/sec4orpheus/pages/8.html Sec4Orpheus] - | *[http://www62.atwiki.jp/sec4orpheus/pages/8.html Sec4Orpheus] - A website that summarizes privacy defense techniques | ||
*[https://wiki.archlinux.jp/index.php/Tor ArchWiki] | *[https://wiki.archlinux.jp/index.php/Tor ArchWiki] | ||
*[https://www.whonix.org/wiki/Main_Page Whonix Wiki] | *[https://www.whonix.org/wiki/Main_Page Whonix Wiki] | ||
{{GoToEnglish|ja=Tor}} | |||
{{匿名化技術}} | {{匿名化技術}} | ||
{{恒心教徒}} | {{恒心教徒}} | ||
{{デフォルトソート: | {{デフォルトソート:Tor}} | ||
[[カテゴリ:匿名化]] | [[カテゴリ:匿名化]] | ||
[[カテゴリ:English]] | |||
{{広告}} | {{広告}} | ||