Tor and sniffing data

Not really,

The only who can sniff data is the last node between the three. And even then, it can't tell who this data belongs to unless this data contains identifying information.

The reason the others can't sniff is that Tor uses onion routing, as its name suggests. That is, when you send a request to a certain server, and suppose it's going to pass through nodes A, B and C, the message is first encrypted using C's public key, this encrypted message is encrypted with B's key, and this double encrypted message is further encrypted using A's key, then transmitted to A, and as each node receives it, it unlocks its own layer of encryption, and passing it along, without being able to know what's further inside.


I understand that I am late to the party, but still I would like to add my few words:

Quick answers:

Tor works opening a random anonymous path between two hosts using others computers that have Tor installed

No. Have installed Tor, are using Tor and agreed that they will be nodes. (They can also chose what type of nodes they will be)

everybody can sniff the data of the others

No. Only the last (exit-node) can sniff your data

What others alternatives exist for hide a connection?

This is really good to hide connection. You have a free high quality proxy which does not know about your location. But it does not provide security. Use websites which has https

A little bit of explanation how Tor works:

Tor is anonymizer. This means that it's primary function is to hide information about your internet activity (so if your network provider wants to see what exactly are you browsing, or a website wants to track who exactly visited it - both of them will fail)

The best explanation about the principles of work of Tor are depicted in the pictures: enter image description here

Here you see that to connect to the Tor network you in the beginning need to know to whom to connect. You get this info from Tor server. These are not people, who are just using Tor, but rather people who decide to contribute to the Tor network. (In the options in your client, you can choose to be a contributor. On this laptop do not have Tor, so can not point right now where exactly it is). This connection is encrypted. After you have chosen a node, you connects to it directly (also using encryption).

enter image description here Than the connection bounced for several times and each time it is encrypted. The only node, who will know about your query is actually the last one, who decrypts it to connect to the server you wanted in the first place. But he do not know who asked for this connection. The server replies to that node with unencrypted data. So he also see the info intended for you. (One more time - he does not know who are you). He encrypts it end sends back through the same path. You encrypt the data, you asked for. Because of this path, it actually takes so long to open a web page using Tor.

Pictures are taken from official Tor web-site.

So actually you get the same problems as if you are using a proxy server. It is possible for the exit node (only for him, not for every node in the path) to sniff your traffic. This means he can:

  • know which web pages the user visits
  • read the messages the user exchanges through unencrypted IM networks
  • read the emails the user sends
  • find passwords and login for FTP, SMTP, web services
  • use cookie hijacking to impersonate you

But if you will be going to SSL protected website, he will not be able to do the above mentioned. So connect through Tor for anonimity and be sure that you connected to https for security.

Tags:

Sniffer

Anonymity

Tor

Recent Posts