New Training: Data Obfuscation and Hiding

In this 6-video skill, CBT Nuggets trainer Keith Barker discusses the impact and methods of evasion and obfuscation techniques, including tunneling, proxies, and NAT. Watch this new Cisco training.

Watch the full course: Cisco Certified CyberOps Associate

This training includes:

• 6 videos

• 1.1 hours of training

You’ll learn these topics in this skill:

• TOR Overview

• Installing Tails

• Steganography

• HTTPS

• Tunneling

• NAT-PAT

How TOR Keeps You Private Online

The TOR network is a bit complicated. It uses multiple layers of encryption to mask communications being sent to and from a client. Communication sent out from a client is wrapped multiple times in an encryption scheme. That information is then sent into the TOR network. The TOR network passes that communication between multiple nodes. At each node, a layer of encryption is removed from the communication. Once all layers of encryption are removed, that communication exits the TOR network and is sent to its original destination. By routing traffic through these multiple nodes, the identity of the client computer can be hidden because the origin IP address and all packet metadata are encrypted. It should be noted that this is a gross oversimplification of how the TOR network works.

Using TOR is easy enough. Anyone can download a 'portable' package from the TOR website that includes a copy of Firefox along with the software to route traffic through the TOR network.

Though using TOR is generally considered safe, it has been the target of security research. For example, the NSA had previously been able to de-anonymize traffic sent through the TOR network by utilizing a security vulnerability in Firefox that was previously packaged with TOR. In theory, it is possible to discover a client's identity through statistical analysis attacks, though these are extremely difficult to implement.