Tor

Tor is free software for enabling anonymous communication. The name is an acronym derived from the original software project name The Onion Router;[7] however, the correct spelling is “Tor”, capitalizing only the first letter.[8] Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than seven thousand relays[9] to conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult for Internet activity to be traced back to the user: this includes “visits to Web sites, online posts, instant messages, and other communication forms”.[10] Tor’s use is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored.

Onion routing is implemented by encryption in the application layer of a communication protocol stack, nested like the layers of an onion. Tor encrypts the data, including the destination IP address, multiple times and sends it through a virtual circuit comprising successive, randomly selected Tor relays. Each relay decrypts a layer of encryption to reveal only the next relay in the circuit in order to pass the remaining encrypted data on to it. The final relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing, or even knowing, the source IP address. Because the routing of the communication is partly concealed at every hop in the Tor circuit, this method eliminates any single point at which the communicating peers can be determined through network surveillance that relies upon knowing its source and destination.
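The layering described above can be simulated in a few lines. This is an added example, not code from Tor or from the original page: the cipher is a toy SHA-256 keystream with an HMAC tag standing in for Tor's real cryptography, per-relay keys are assumed to be already shared with the client, and the relay names, destination and layer format are hypothetical.

```python
import hashlib, hmac, os

def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Toy SHA-256 counter-mode keystream (stand-in cipher, NOT what Tor uses).
    out = b""
    for ctr in range((n + 31) // 32):
        out += hashlib.sha256(key + nonce + ctr.to_bytes(8, "big")).digest()
    return out[:n]

def xor(data: bytes, ks: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key: bytes, plain: bytes) -> bytes:
    # One encryption layer: nonce || HMAC tag || ciphertext.
    nonce = os.urandom(16)
    ct = xor(plain, keystream(key, nonce, len(plain)))
    return nonce + hmac.new(key, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    want = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("layer not encrypted for this relay")
    return xor(ct, keystream(key, nonce, len(ct)))

def wrap(path, keys, destination: str, data: bytes) -> bytes:
    # Client side: build layers innermost first, so the first relay's layer is outermost.
    next_hops = path[1:] + [destination]
    blob = data
    for relay, nxt in zip(reversed(path), reversed(next_hops)):
        hop = nxt.encode()
        blob = seal(keys[relay], len(hop).to_bytes(2, "big") + hop + blob)
    return blob

def peel(key: bytes, blob: bytes):
    # Relay side: remove one layer, learn only the next hop and an opaque remainder.
    plain = unseal(key, blob)
    n = int.from_bytes(plain[:2], "big")
    return plain[2:2 + n].decode(), plain[2 + n:]

def route(path, keys, blob: bytes):
    # Walk the circuit, recording (relay, previous hop, next hop) as each relay sees it.
    seen, prev = [], "client"
    for relay in path:
        nxt, blob = peel(keys[relay], blob)
        seen.append((relay, prev, nxt))
        prev = relay
    return seen, blob

# Constructed sample circuit; relay names are hypothetical.
PATH = ["guard", "middle", "exit"]
KEYS = {r: os.urandom(32) for r in PATH}
```

Calling `route(PATH, KEYS, wrap(PATH, KEYS, "example.com:443", b"..."))` shows that only the first relay sees the client and only the last sees the destination, which is the property the paragraph above relies on.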

An adversary might try to de-anonymize the user by some means. One way this may be achieved is by exploiting vulnerable software on the user’s computer.[11] The NSA has a technique that targets outdated Firefox browsers codenamed EgotisticalGiraffe,[12] and targets Tor users in general for close monitoring under its XKeyscore program.[13] Attacks against Tor are an active area of academic research,[14][15] which is welcomed by the Tor Project itself.[16]

DNS cache in Firefox

Clear DNS cache in Firefox

 

During the day I switch my VPN connection on and off several times. When I try to hit a server inside my company’s network while the VPN connection is down, it obviously fails, and because I’m using OpenDNS, every hostname resolves to an IP address (in this case an IP address of a server at OpenDNS).

I connect to VPN and then reload the page in Firefox and the same error page shows up. The reason for this behavior is Firefox’s internal DNS cache. The only remedy at that point is to close Firefox and restart it, which clears the in-memory DNS cache.

However, there’s a solution that does not require a restart.

  1. type about:config in Firefox’s address bar
  2. acknowledge the warning that appears next
  3. find an entry called network.dnsCacheExpiration and set its value to 0
  4. if there’s no such entry, create a new integer item with the name above and a value of 0
  5. now go back and change the value to 3600

In step 3 (or 4) we tell Firefox that the expiration time for DNS cache is 0 seconds, which means that cache entries expire immediately, essentially clearing the existing cache. In step 5 we go back to the standard 3600 seconds (1 hr) cache expiration. The net effect of these steps is an empty DNS cache, meaning that the next time you hit the trouble server above, Firefox will attempt to resolve the hostname to an IP address.