Gigamon Deep Observability Pipeline

Supercharge your observability tools with actionable network-level intelligence to realize the transformational promise of the cloud.

LEARN MORE

CLOUD VISIBILITY

DATA CENTER VISIBILITY

NETWORK SECURITY

TRAFFIC INTELLIGENCE

From the Core to the Cloud, See it All

Simplify, secure and scale your hybrid cloud infrastructure to accelerate digital innovation.

CLOUD VISIBILITY

DATA CENTER VISIBILITY

NETWORK SECURITY

INDUSTRY

A Thriving Partner Ecosystem

Gigamon reseller and integration partners design, implement and optimize best-of-breed and validated joint solutions.

FIND A PARTNER

NOT A PARTNER?

ALREADY A PARTNER?

Proven Support and Services

Our global support team is committed to creating experiences of unmatched quality, scalability and efficiency.

OVERVIEW

GET SUPPORT

VÜE COMMUNITY

voice of the customer

Gigamon serves the world's more demanding enterprises and public sector agencies, enabling them to harness actionable network-level intelligence to amplify the power of their cloud, security and observability tools.

CUSTOMERS

cegedim

Cegedim.cloud

Improves cloud infrastructure and visibility

 

Five9

Five9

Delivers Cloud-Powered Contact Center Excellence

DoD

Department of Defense

Confidently feeds different tool sets in the physical and virtual world.

 

Resource Library

Your one-stop hub to explore content resources and stay current on the latest in how to amplify the power of your cloud, security and observability tools.

RESOURCES

def-guide

Achieve Hybrid Cloud Observability

Strengthen visibility and security.

deep observability

Observability is Key to Transformation

Unleash cloud potential with deep observability.

ebook

Deep Observability eBook

Take your security and observability tools to a whole new level.

WHY GIGAMON

Gigamon offers an advanced deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of your cloud, security and observability tools.

LEARN MORE

IN THE NEWS

COMPANY INFORMATION

Deep Observability

Unseen Threats Can Lurk in Your Midst

Deep observability exposes previously unseen threats.

GPTW

Join the Team

Become a part of the OneGigamon team. Search for your next opportunity.

SHARE
Security / October 25, 2016

The Internet Umbra

Justin Harvey  

There’s a shadowy, dark side to the Internet. Home to pedophiles, organized crime syndicates, nation-state spies, content pirates, drug dealers. But is that all? What if I were to tell you your computer could easily be connected to this seedy network?  Would you believe me?

It’s been called many different things: “darknet,” “deepweb(s),” “Internet underground,” “TOR” . . . but for simplicity’s sake, let’s settle on the “darkweb,” whose technical underpinning is based upon a software program called “The Onion Router,” or “Tor” for short.  Tor was initially developed in the early 2000s, but only caught on a few years ago.

How Does It Work?

The darkweb has two critical features:

First, Tor creates an encrypted virtual network that acts like an overlay on top of the actual Internet. This means that anyone can download the Tor client and jump on the darkweb, as long as their computer is connected to the regular Internet.  All network communication across the Tor network is encrypted, ensuring that no eavesdropping can happen.

Second, and maybe the most important feature of Tor, is that it anonymizes user traffic by bouncing traffic off other users. This makes it impossible to track a user’s browsing activity through the darkweb.

Websites can be hosted on the darkweb just as easily as a normal, legitimate Internet site.  The only difference is that the website must be hosted on a Tor node (a server that has the Tor client software installed, the same software that an end user has).

Who Uses the Darkweb and Why?

Many criminal organizations are moving their operations to the darkweb.  You’ve probably heard about Silk Road, the largest Tor website to date that’s been busted.  Run by Ross William Ulbricht, aka Dread Pirate Roberts, Silk Road was an underground website marketplace devoted to the buying and selling of illicit drugs.  It was theorized that the FBI was able to determine the server’s location by tricking the website into giving authorities the real, non-Tor IP address.  With the actual IP address in hand, law enforcement seized the server and arrested and sentenced the owner, Mr. Ulbricht, to life in prison.

While criminal storefronts are still being operated, they’re not as easy to find as one would think.  Because these marketplaces are highly illegal and require private invitations to join, they’re not indexed by the rudimentary Tor search engines. There is no Google for the darkweb.  However, whether it be a virtual storefront for new malware threats or an underground firearm swap & shop, these operations are present.

Because Tor can mask a user’s location, cybercriminals have been using it extensively to communicate with their victims.  Case in point, consider ransomware.  When infected by ransomware, a victim’s hard drive is encrypted and unless they pay the attacker in Bitcoins, they can’t recover their data. Once the victim pays, they receive the key to decrypt their hard drive via an email, which was sent from the attacker residing on the darkweb in order to mask his location.

There are very few legitimate uses for Tor, but they do exist.  According to their website, they include:

  • Protecting your online privacy from irresponsible corporations, marketers, and identity thieves: In the past, Internet Service Providers (ISPs) have sold browsing history of their users to ad agencies for targeted marketing purposes.
  • Protecting your children’s location: There are freely available databases that map IP addresses to physical locations. Sometimes this can be at such a granular level as to pinpoint your location to the street and house number.
  • Researching sensitive topics: Some sensitive searches, such as for AIDS or birth control methods, are prohibited or frowned upon by national law. Tor would allow citizens to freely use Google or other websites to find out more information without fear of being located.
  • Skirting surveillance and circumventing censorship: Certain countries track your Web browsing habits and some even seek to censor their citizens.

Closing Advice

While there may be a few limited situations where Tor can be useful, more often than not, it’s safer to avoid it altogether for the average user.  If you’re looking for a privacy solution, you may want to look into a personal Virtual Private Network (VPN). These VPNs run anywhere from $1-$3 a month, are great at masking your physical location, and provide much better network speeds than Tor.

In other words, resist the pull toward the shadowy, dark side.

If you’d like to learn more, join Gigamon on Thursday, October 27, at the NYC Cybersecurity Summit for a panel discussion with cybersecurity experts from DTCC, UCI Cybersecurity Research Institute, Area 1 Security, and The New York Times that covers the privacy and TLS 1.3 issues. And Kevin Mitnick, the world’s most famous hacker, will be delivering a compelling keynote guaranteed to generate further debate.

  • © Gigamon 2024
Back to top