Silk Road forums
Discussion => Newbie discussion => Topic started by: Young Morpheus on April 29, 2013, 06:17 pm
-
Hello,
I am a newbie to SR. I have made several purchases so far. Along with of course the immediate desire of stimulation, I also believe in a free society. This is a great place, and run very well. It's beautiful.
I'm mostly a lurker, but I have to register if only to explain some things. There are a few very smart guys who have made comments with their knowledge of IT, and of course the staff is too busy to really bother explaining, so I want to explain a couple of things. Some of the things I have read are cringeworthy. I also haven't found any explanation to the layman for what is potentially occurring.
Going to a website (SR for example) is the process of your computer:
1) Sending Information
2) Getting information for the best route to take to the destination (SR webserver)
3) Traveling that route
4) Changing routes as instructed by networking protocols
5) Reaching Destination
6) "Handshaking" with the destination (webserver)
7) Delivering payload.
These are sent in units called packets. As you can see, sending a packet from one point to another (client>server in our case) goes through a lot of different points in its life. Travel between each point is a potential for this packet to be sniffed, diverted, ignored etc. With that said, even if your packet reaches its destination, the device that sent the packet has no clue if it reached it or not. When the "Handshake" occurs, typically the receiving networking device will send another packet in return to let the sender know that it was received in the first place. This means that a packet could reach its destination, but you have no clue.
A caveat to be mentioned is that since we go through TOR, TOR works as a middle (proxy) for this traffic. I am not a networking specialist, but basically when information is sent, if properly configured the data will enter into TOR's network where it is anonymized etc. The reason that a TOR site is slower than a clearweb site is because the relays handling this job aren't massive networking operating centers like an internet backbone, and it just takes time.
A DoS (Denial of Service) attack is not typically considered hacking. It is not a crash of the destination server, or anything else. It is merely the exploitation of TCP/IP's many weaknesses. A DoS attack is when a network capable device maliciously sends so many requests for information to a target server that, at some point in the previously aforementioned route, traffic traveling to that target server doesn't reach its destination. The packets you send are refused, because the malicious packets of an attacker are taking up resources by being flooded. A DoS isn't like hitting refresh on your browser over and over, that's not nearly fast enough. They are typically programs (easy to create) made that send junk data over and over and over again. This ties up one of the points a packet would take from point A to point B. Typically the bottleneck would be the actual webserver as internet backbones can handle massive amounts of traffic, but since it's TOR we aren't really utilizing internet backbones. Smaller relays may not be able to handle these requests either.
A DDoS (Distributed Denial of Service) is the same as above, except from multiple devices and locations for maximum potency. Typically with a DDoS there is also the potential to crash the target server (every request requires some part of that server's resources).
I'll leave it at that, I can get much deeper if anyone has any questions. The concept is simple, but under the hood is more complicated than your typical layman cares to know.
DoS attacks are a pain in the ass to deal with because it's hard to discern what is legit traffic from what is illegitimate. Being behind TOR makes this process much harder I'd believe as well. DPR mentioned that we are dealing with leading edge anonymity technology because dealing with a DDoS in the open is no mystery, DoS attacks are simple and old as the modem, but doing it within the environment of a ToR is probably intense, and certainly beyond my level of networking and security.
What ISN'T a DoS? It's not a hack, it's not cracking into a database and stealing your information. It's not gaining root access to a webserver, it's nothing elegant. It's merely exactly what the name is, a Denial of Service. On the contrary, since it is being DoS'd, nobody, even a potential hacker, is getting in. Packets don't wear a wizard hat of any color.
I'm bored, does anyone have any questions?
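
The resource-exhaustion effect described in the post above, as an added simulation that is not part of the original post: a server with a fixed per-tick capacity receives legitimate requests mixed with junk, and a per-source rate limit is tried against one flooding source (DoS) and against many (DDoS). The capacity, client count, rates and the function name are constructed for illustration; nothing is sent over a network.

```python
import random
from collections import Counter

CAPACITY = 100      # requests the server can answer per tick (constructed value)
LEGIT_CLIENTS = 50  # each legitimate client sends one request per tick (constructed)

def legit_served_fraction(attack_sources, attack_rate, per_source_limit=None,
                          ticks=20, seed=1):
    """Return the fraction of legitimate requests answered during a flood.

    Each tick, attack_sources * attack_rate junk requests arrive together with
    one request from every legitimate client, in shuffled order.
    """
    rng = random.Random(seed)
    legit_ok = 0
    for _ in range(ticks):
        arrivals = [("legit", i) for i in range(LEGIT_CLIENTS)]
        arrivals += [("flood", s) for s in range(attack_sources)
                     for _ in range(attack_rate)]
        rng.shuffle(arrivals)
        seen = Counter()   # requests seen per source in this tick
        used = 0           # server capacity consumed in this tick
        for src in arrivals:
            seen[src] += 1
            if per_source_limit is not None and seen[src] > per_source_limit:
                continue   # rate limiter drops it before it costs capacity
            if used >= CAPACITY:
                continue   # server saturated: the request is refused
            used += 1
            legit_ok += src[0] == "legit"
    return legit_ok / (ticks * LEGIT_CLIENTS)

if __name__ == "__main__":
    scenarios = {
        "no attack":                     (0, 0, None),
        "DoS, 1 source, no limit":       (1, 5000, None),
        "DoS, 1 source, limit 2/tick":   (1, 5000, 2),
        "DDoS, 2500 sources, limit 2":   (2500, 2, 2),
    }
    for name, (sources, rate, limit) in scenarios.items():
        frac = legit_served_fraction(sources, rate, limit)
        print(f"{name:32s} legit served: {frac:.1%}")
```

The same junk volume that a per-source limit removes completely when it comes from one source passes the limiter untouched when it is spread over 2500 sources, because each of those sources looks like a legitimate client.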