Defencely Focuses on Exploit Market


1. Abstract

Among all the creations, powerful resources, web pages, blogs, personal research and academic articles we come across on the internet, there is a whole other world within the internet itself. The darkest corners of the internet have still not been explored by many. Ninety percent of internet users are still not aware of this "dark" corner, where the deepest articles, a variety of uncommon resources, shopping items and other anarchic materials lie hidden beyond the regular internet. This article walks through the darkest corners of the internet to make regular users aware of how big the real internet is, what its data size is, and what we get out of it. There are people who have already been visiting the darknet (or the deepweb) for profit, fun, knowledge and resources, and to mine more data for the sake of curiosity. But very few people publish their research on the underweb and its material in public. Their reasons for not sharing range from "not wanting to share" to "normal people just don't get it". Whether to believe in the deepnet is entirely up to the individual internet user, but the hidden web does exist. People already have access to it, people already exchange data within the realms of the deepnet, and people already make a business out of it. Seventy percent of the deepweb is considered illegal when seen from a national government's perspective. Illegal or not, the deepweb still exists and will continue to work, because no one has control over it. With rising censorship and devastating regulation of the internet, certain individuals have already shifted from the regular internet, accessed via a browser, to the deepweb, where they can discuss their own ideas, maintain their own personal blogs, share theories and discuss data that is restricted on the regular internet.
What follows is an analysis of why, where and how the darknet came into existence and what the ways to access it are. We will first look back to the roots of the internet: where the internet was born, and what anomaly gave birth to the internet and the deepweb.


To look back through the history of the internet, one has to consider where it all began. The internet was born out of ARPANET (the Advanced Research Projects Agency Network). The ARPANET was the first operational experimental packet-switching network, limited to only four institutions, one of which was a research center. As an experimental test bed for packet switching, the ARPANET connected UCLA (University of California, Los Angeles), the Stanford Research Institute's Augmentation Research Center, UCSB (University of California, Santa Barbara), and the University of Utah's Computer Science Department. The Defense Communications Agency then took control of the ARPANET, since the project had to be funded. The DDN (Defense Data Network) was then established within the ARPANET; it included MILNET (the Military Network) for unclassified information flow and communication. Because the ARPANET was split, the number of nodes connected to it was reduced; the civil network and the military network each had their own domain and control over it. The ARPANET was supposed to be limited to 1,000 hosts, but fortunately the TCP/IP architecture gave birth to a new network design, and about 30,000 different hosts were connected to the ARPANET by the end of 1987. This in turn gave birth to services like USENET.

USENET put discussion zones in the hands of the public, and the network went viral worldwide. USENET used newsgroups and BBS, short for Bulletin Board System. Later, AOL (America Online) came up with its own services, which largely affected USENET's users and quality. Random people from all over the world began using the services, and the point of no return was reached. This anomaly, in which a network accessible to only a few people changed drastically with the addition of new mass users, was termed "Eternal September". The name stuck because this happened in September 1993. A whole new network with diversity and a culture of its own was formed, which is now known as the "internet". The journey from the ARPANET to the internet as it is today molded people in different ways. Some became cowboys, and some practically began living on the internet with the rise of social media and multiplayer games, which then became Virtual Reality (VR) and cyberspace.

2. Where Deepnet came from to what it is today

In its early days the internet used static pages; information was public and people saw only text on the pages. At the very beginning there was no buffering of videos; people could only use FTP to download music, videos and documents. With the rise of P2P networks, files, music, videos and documents were shared; people downloaded with more bandwidth and more speed, and spent more time on the internet. Developers jumped in, and corporations realized the internet could be profitable and started making money from advertisements, commercials and services. Soon after the dot-com bubble burst, the era of Web 2.0 marked a revolution.

There were dynamic pages, web videos, blogs and pages everywhere. The easy-to-script Java language made web coding easier, and it caught on. People started registering their own domain names, file servers and data space. Since the web was now so much easier to handle with all the automation, people started using the web and the internet as their daily donuts. Mass media began providing news services, different ISPs competed to offer cheap internet access, web developers bargained over customers for web development, and personal blogs with personal, irrational and national views went up.

People began using the internet as a weapon against injustice by writing blogs and stating their personal views, and communities came up, which the government saw as a threat. This threat was largely due to "freedom of speech". Giant corporations and government policies went through changes, and bills were passed to oppose the free flow of information. It was at this moment that people from a different culture showed up. These people were the internet cowboys; they believed in the flow of information. They have been called by different names: some call them hackers, some call them crackers, some call them troublemakers, and others call them the heroes of the computer revolution.

Since hackers and like-minded people with certain ideas and a rare culture are themselves branded "cyber terrorists" worldwide, people often fail to realize that these are the same people who gave birth to the internet and who keep it running. There were explorers who had already dug into the internet and left the public to see the treasure beyond it. The fact is that the internet itself is just the surface web. There are layers, and there are intermediates between these layers. The deeper one goes, the closer the darknet comes. Between the surface web and the deepweb there is an interesting web known as the "Underground".

3. How is your data at risk?

The Underground consists of different services, most of them illegal. People ranging from drug dealers to professional thieves have found ways to sell their services anonymously. These services can be purchased with bitcoins, PayPal or Liberty Reserve. Service providers can also ask for direct Western Union wire transfers if they wish.

Bitcoin and similar virtual money systems are based on virtual money transfer, and hence provide partial to total anonymity. Carders and drug dealers can also be found on the surface web (sometimes referred to as the clearnet). The criminal underground goes much deeper than this, into the darknet (the deepweb!). PayPal accounts, premium porn accounts, Sony PlayStation accounts, Minecraft accounts and even Facebook accounts in bulk are sold in the underground. Professional hackers and carders sell these services to anyone who wishes to buy them. Underground services mostly depend on anonymous email setups or IRC networks. IRC is the Internet Relay Chat system, where people join channels of interest and discuss topics. The underground plus the surface web still covers only 20 percent of the whole ocean of the web. The remaining 80 percent is the deepnet. To explore the deepweb, one needs a special browser setup with a proxy. Beyond the underground lies the deepweb. The Underground is also referred to as the "gray" area that lies between the surface web and the deepweb.

4. Accessing the deepweb

To access the deepweb, one needs a special proxy browser that encrypts and tunnels the source packets; this works through entry and exit nodes. Once installed, this special web browser relays the packets, forwarding them to known entry nodes and through many other hosts until they arrive at the desired special address. 'Tor', or The Onion Router, is a special proxy browser of this kind which provides access to deepweb locations (special addresses). These sites have been set up on private servers across the globe. These addresses contain special content that might not be found on the surface net. The quality of the content found on these special sites differs, and distinguishes the different layers of the deepweb. The deepweb is the remaining 80% of the internet, and consists of floating data, raw data and accessible private data. Most of this private data comes from universities, NASA research centers, geological and astrological hidden data, biological data and different services, which are mostly illegal. The following images have been taken from the deepweb to illustrate what goes on beyond the general surface web.


The different layers of the deepweb can be differentiated by their contents and the quality of the data obtained. Layer one of the deepweb ranges from source code exchange to suicide, porn tapes, isolated FTP servers, private servers, mathematics research, visual processing, virus information and hackers of that kind. People also sell pirated software, ripped source code, personal experimental research, and credit card and SSN information. The second level consists of discussions on circuit development, AI theory, MIT and its research, shell networking, node transfers, data analysis, data mining and cosmologists. From the second to the third level, one finds banned videos, banned books, black magic practices, assassination boards, human trafficking, corporate exchange, line of blood locations, the hidden wiki, anarchists, political hunters, drug sales, weapon inventories, arms and ammunition, nuclear weapons, the black market, human experiments, conspiracy, pedophilia, cannibal discussion and procedure, the Silk Road, privacy and pirated software, movies and celebrity leaks. Bounty hackers can also be found here (and on the clearnet); they take payment for finding software, web application and network vulnerabilities in corporate sites and their network infrastructure.

All these corporate exchanges happen at the third level, where people are anonymous and the only thing that matters is sharing information. Moving from the third level to the fourth, one realizes one is a long way from the surface net and lands in pedophile zones, where pedophiles discuss child porn, hardcore candy, necrophilia, zoophiles, the professional international assassin market, high-cost exploits for web vulnerabilities, WW2 files and future extradition files, concepts for redesigning electronic processors, also called GGGQEP (Gadolinium Gallium Garnet), geometric algorithm shortcuts, the second world order revolts, theorists, global assassination planners, revolutionary anarchists and human experiments.


Beyond the fourth level, there is plenty of information on government policies, national priority data, NASA raw documents and footage records, astrological skyline plans and extraction points, heavy InterNIC databases, old forbidden and lone servers that are not directly connected to the internet, closed shell servers and access to them, nuclear datasheet plans, international energy crisis plans, the black market in arms and ammunition including military weapons, data smugglers smuggling drug information, military information and international surveillance systems. All classified information is available only to those with a strong heart to reach it and the proper resources and contacts.

Everything that happens in the deepweb, or even in the gray area that is the underground, is achieved through the right illegal contacts, who have further information and the web resources to dig into the darkest corners of the deepweb. The deepweb is still vast, and no one person has ever surfed all of the information that keeps floating around. The surface web itself looks vast and is easily accessible because search engines do half the work on behalf of users. Search engines like Yahoo, Google and Bing are designed to pick up common popular search keywords coming in from users, save them, and repeat the search. The clearnet (or surface web) relies entirely on indexing and crawling different parts of the surface web to fetch content. The security scenario is just as messed up as it was earlier; if anything, it is worse, with rich applications and complex environments that are easy targets for experienced exploiters.

5. How hackers use the deepweb

Hackers use the darkweb or deepweb to buy exploit details and gain entry into an application, your corporate network or a restricted zone without you noticing, since these exploits are hardcoded and are hardly detected by any underlying firewalls, be they web application firewalls or network firewalls. Corporate databases are offered for sale, and enterprise data is stolen to profit from trading these databases.


The I2P network has put in hackers' hands the power to buy cheap exploits using the contacts and resources at their disposal. The exploitation of databases has become much easier with automated commercial and open-source tools at hand. Some of them are:

1. SQLMap

2. SQLNinja

3. Havij

Automation in exploitation is just a process of identifying vulnerabilities in the most common parameter entries of an application. A penetration test goes far beyond that and hence helps secure an application. Without formal testing, your database could already be out there in the wrong hands without your noticing. The most shocking part is that all of the services mentioned above are paid for in Bitcoins, which are untraceable, so no traces of the origin are found. It is easy for hackers to profit from their business and maintain a low profile so as never to get caught. They have been targeting e-commerce sites to get the most out of selling vulnerabilities to third parties for financial profit. Any serious corporate business should consider undergoing a formal penetration test of its applications, network and databases.
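Because automated tools probe the same common parameters over and over, their requests tend to leave recognizable traces in web server logs. The following Python detector is an added example, not code from the original article or from Defencely; the log lines, the combined log format layout, the small signature set and the function names are all constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in combined log format (not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /item.php?id=5 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Jan/2024:10:00:02 +0000] "GET /item.php?id=5%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Jan/2024:10:00:03 +0000] "GET /item.php?id=5%20UNION%20ALL%20SELECT%20NULL%2CNULL-- HTTP/1.1" 500 0 "-" "sqlmap/1.7#stable (https://sqlmap.org)"
203.0.113.9 - - [01/Jan/2024:10:00:04 +0000] "GET /item.php?id=5%20AND%20SLEEP(5) HTTP/1.1" 200 512 "-" "sqlmap/1.7#stable (https://sqlmap.org)"
198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /search.php?q=union+square+hotels HTTP/1.1" 200 900 "-" "Mozilla/5.0"
"""

# Client IP, request target and User-Agent are the only fields this check needs.
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"')

# Assumed, deliberately small signature set applied to URL-decoded parameter values.
SIGNATURES = {
    "union_select": re.compile(r"\bunion\b\s+(all\s+)?select\b", re.I),
    "boolean_tautology": re.compile(r"'\s*(or|and)\s+'?\w+'?\s*=\s*'?\w+", re.I),
    "time_delay": re.compile(r"\b(sleep|benchmark|pg_sleep)\s*\(|waitfor\s+delay", re.I),
}

def scan(log_text):
    """Return [(client_ip, [reasons])] for each request that looks like an injection probe."""
    findings = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not in combined log format; skip
        reasons = set()
        # The User-Agent is client-controlled, so treat it as a weak signal only.
        if "sqlmap" in m["ua"].lower():
            reasons.add("tool_user_agent")
        # parse_qsl URL-decodes values, so %27 and + are matched as ' and space.
        for param, value in parse_qsl(urlsplit(m["target"]).query, keep_blank_values=True):
            for label, rx in SIGNATURES.items():
                if rx.search(value):
                    reasons.add(f"{label}:{param}")
        if reasons:
            findings.append((m["ip"], sorted(reasons)))
    return findings

def hits_per_client(findings):
    """Count flagged requests per client IP to surface automated scanning."""
    return Counter(ip for ip, _ in findings)

if __name__ == "__main__":
    for ip, reasons in scan(SAMPLE_LOG):
        print(ip, reasons)
```

The benign search for "union square hotels" is not flagged, while the three probes against the `id` parameter all map to one client, which is the repetition pattern worth alerting on.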

6. Defencely – Unbreakable

Among application security companies in India, Defencely is the top player, having proven its services globally in little time and with huge success stories to share. Defencely is an application security service provider and has now started various services apart from application security. These include:
  • Web Application Security
  • Network Security
  • Mobile Security
  • Business Logic Security 
The no-nonsense security zone has just taken the lead with its vast expertise and a strong research department. Defencely’s primary vision is to provide ‘security’ at its best to its clients, to conduct ‘security research’, discover new ways, innovate new security concepts and deliver the results to its valued clients. Defencely.com has not only built a strong Indian presence, but has also taken its services global to make a profound impact on the security industry with growing expertise in what it does. The focus and quality it delivers are an asset to any vendor using its services, and there has already been a lot of buzz among the leaders. To take the next step forward, Defencely is now headed out of Texas with a strong presence in India and the U.S. It is an essential recommendation for web businesses as far as security is concerned. Nothing can stand against Defencely’s strong team.

7. About the author

Shritam Bhowmick is an application penetration tester with traditional as well as professional application penetration testing experience, adding value to the Defencely Inc. Red Team; he currently holds technical expertise in application threat reporting and coordination for Defencely Inc.’s global clients. Among his accomplishments, he has experience in identifying critical application vulnerabilities and adds value to Defencely Inc. with his research work. The application security R&D sector is growing at Defencely and is taken care of by him. Professionally, he has had experience with several other companies, working on critical application penetration test engagements and leading the Red Team, and he also has experience training curious students in his leisure time. The application security guy!

Shritam Bhowmick has delivered numerous research papers, mostly application-security-centric, and loves to go deep into the details. This approach has led him to innovate rather than re-invent the wheel for others to harness old security concepts. In his spare time, of which there is barely any, he blogs, brainstorms on web security concepts and prefers to stay away from normal living. Apart from his professional life, he finds bliss in reading books, playing chess, philanthropy, and basketball for the sweat. He wildly loves watching horror movies for the thrill.
