Hello fellow autodidacts!
I've been reading up on proxy chains and Tor routing and find it very interesting, as well as maybe just a little confusing.
I understand the general principle behind both methods, with Tor's onion protocol and proxychaining to reroute traffic via a proxy server, so my question is:
1) I've heard that whoever "owns" the exit nodes of a Tor network can view all the traffic in and out. What exactly are exit nodes, and how would someone, say the NSA or FBI, find them in order to view the traffic? And does encrypted traffic stop them from actually viewing the content?
2) Does proxy chaining first through the Tor network then via an anonymous proxy reduce the risk of anyone intercepting the data?
I've launched a Kali Linux VM, installed Tor and started the services, and configured the proxychains.conf file to point to Tor then to a Russian anonymous proxy as a test. I've then run several tests and all show my IP as the Russian proxy, which is good (I hope). I understand that if someone were to gain access to the Russian proxy, or if the proxy were to give anyone their logs, they would see the IP before it hits the proxy, so would routing through Tor first prevent the traffic being traced back?
Thank you!
3 Responses
You are right. Whoever owns the exit node owns the traffic on Tor and sees all of it. The exit node is the last machine that Tor exits from when arriving at its destination. The FBI or NSA do not need to find them; they own them. They have placed Tor nodes around the world for just this purpose. You could be using one now.
Right, I understand!
Thank you! I've done a bit more research into exit nodes now and it's all making sense.
Good explanation of Tor exit nodes, middle relays & bridges here:
https://www.eff.org/torchallenge/what-is-tor.html
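Added example, not part of any post in this thread: a toy Python model of the chain described in the question (client, three Tor relays, then an onward proxy) that reports which source address each hop sees and whether it can read the request. The cipher is a SHA-256 keystream stand-in rather than Tor's real cryptography, and every address, key and the request are constructed sample values.

```python
import hashlib

def keystream_xor(key, data):
    """Toy stream cipher (SHA-256 keystream). Stand-in only, not Tor's real crypto."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

# Constructed sample values: documentation-range addresses and made-up keys.
CLIENT = "198.51.100.7"
RELAYS = [("guard", "192.0.2.1", b"k-guard"),
          ("middle", "192.0.2.2", b"k-middle"),
          ("exit", "192.0.2.3", b"k-exit")]
PROXY = ("proxy", "203.0.113.10")
DEST_KEY = b"k-destination"  # known only to client and destination (stands in for TLS)
REQUEST = b"GET /account?user=alice HTTP/1.1"  # constructed request

def send_through_chain(payload):
    """Return, per hop, the source address it sees and the bytes it can read."""
    cell = payload
    for _, _, key in reversed(RELAYS):      # client adds one layer per relay
        cell = keystream_xor(key, cell)
    views, prev = [], CLIENT
    for name, addr, key in RELAYS:
        cell = keystream_xor(key, cell)     # each relay strips only its own layer
        views.append({"hop": name, "source": prev, "readable": cell})
        prev = addr
    # The onward proxy receives whatever left the exit, from the exit's address.
    views.append({"hop": PROXY[0], "source": prev, "readable": cell})
    return views

def report(label, payload):
    """Print one line per hop: who it heard from and whether the request is in clear."""
    print(label)
    for v in send_through_chain(payload):
        seen = "REQUEST IN CLEAR" if v["readable"] == REQUEST else "ciphertext"
        print(f"  {v['hop']:<6} source={v['source']:<13} content={seen}")

if __name__ == "__main__":
    report("Unencrypted request:", REQUEST)
    report("End-to-end encrypted request:", keystream_xor(DEST_KEY, REQUEST))
```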