• 欢迎访问速搜资源吧,如果在网站上找不到你需要的资源,可以在留言板上留言,管理员会尽量满足你!

【速搜问答】洋葱头是什么

问答 admin 1年前 (2020-09-07) 398次浏览 已收录 0个评论

汉英对照:
Chinese-English Translation:

洋葱头(The Onion Router)是一种软件,是第二代洋葱路由(onion routing)的一种实现,用户通过它可以在因特网上进行匿名交流。

The Onion Router is a kind of software, an implementation of the second generation onion routing, through which users can communicate anonymously on the Internet.

洋葱头(The Onion Router)是一种软件,是第二代洋葱路由(onion routing)的一种实现,用户通过它可以在因特网上进行匿名交流。

The Onion Router is a kind of software, an implementation of the second generation onion routing, through which users can communicate anonymously on the Internet.

Tor(The Onion Router)是第二代洋葱路由(onion routing)的一种实现,用户通过 Tor 可以在因特网上进行匿名交流。最初该项目由美国海军研究实验室(US Naval Research Laboratory)赞助。2004 年的后期,Tor 成为电子前哨基金会(Electronic Frontier Foundation,EFF)的一个项目。2005 年后期,EFF 不再赞助 Tor 项目,但他们继续维持 Tor 的官方网站。

Tor (the Onion Router) is an implementation of the second generation onion routing. Users can communicate anonymously on the Internet through tor. Initially, the project was sponsored by the US Naval Research Laboratory. In late 2004, tor became a project of the Electronic Frontier Foundation (EFF). In late 2005, eff no longer sponsored tor, but they continued to maintain tor’s official website.

Tor 专门防范流量过滤、嗅探分析,让用户免受其害。Tor 在由“onion routers”(洋葱)组成的表层网(overlay network)上进行通信,可以实现匿名对外连接、匿名隐藏服务。

Tor is designed to prevent traffic filtering and sniffing analysis, so that users can avoid their harm. Tor communicates on the overlay network composed of onion routers, which can realize anonymous external connection and anonymous hiding service.

Tor 浏览器包

Tor browser package

Tor 浏览器包是一个免费的计算机应用程序,可以下载和使用,以避免互联网过滤。它可用来屏蔽一个互联网用户的 IP 地址,允许匿名浏览。Tor 浏览器包是提供包括汉语在内的多国语言界面。

Tor browser package is a free computer application that can be downloaded and used to avoid internet filtering. It can be used to mask the IP address of an Internet user and allow anonymous browsing. Tor browser package provides multi language interface including Chinese.

Tor 用户在本机运行一个洋葱代理服务器(onion proxy),这个代理周期性地与其他 Tor 交流,从而在 Tor 网络中构成虚电路(virtual circuit)。Tor 是在 5 层协议栈中的应用层进行加密(也就是按照’onion’的模式)。而它之所以被称为 onion,是因为它的结构就跟洋葱相同,你只能看出它的外表,而想要看到核心,就必须把它层层的剥开。即每个路由器间的传输都经过对等密钥(symmetric key)来加密,形成有层次的结构。它中间所经过的各节点,都好像洋葱的一层皮,把客户端包在里面,算是保护信息来源的一种方式,这样在洋葱路由器之间可以保持通讯安全。同时对于客户端,洋葱代理服务器又作为 SOCKS 接口。一些应用程序就可以将 Tor 作为代理服务器,网络通讯就可以通过 Tor 的虚拟环路来进行。

In this way, the proxy runs in the local network. Tor is encrypted in the application layer of the 5-layer protocol stack (that is, according to the “onion” mode). The reason why it is called onion is that its structure is the same as that of an onion. You can only see its appearance. If you want to see the core, you must peel it off layer by layer. In other words, the transmission between each router is encrypted by a symmetric key, forming a hierarchical structure. The nodes it passes through are like the skin of an onion. Wrapping the client in it is a way to protect the source of information, so that communication security can be maintained between onion routers. At the same time, for the client, the onion proxy server acts as the socks interface. Some applications can use tor as proxy server, and network communication can be carried out through tor’s virtual loop.

进入 Tor 网络后,加密信息在路由器间层层传递,最后到达“出口节点”(exit node),明文数据从这个节点直接发往原来的目的地。对于目的地主机而言,是从“出口节点”发来信息。要注意的是明文信息即使在 Tor 网络中是加密的,离开 Tor 后仍然是明文的。维基解密创始人便声称其公开的某些文件是截获于 Tor 的出口节点。

After entering the tor network, the encrypted information is transmitted layer by layer among routers, and finally arrives at the “exit node”, from which the plaintext data is sent directly to the original destination. For the destination host, it sends information from the “exit node”. It should be noted that even if the plaintext information is encrypted in tor network, it is still clear text after leaving tor. The founder of WikiLeaks claimed that some of its public documents were intercepted at tor’s export node.

由于在 TCP 数据流的级别通讯,Tor 显得卓然独立于其他匿名网络。通过使用 Tor,一般的应用程序都可以实现匿名,比如 IRC、即时通讯,以及浏览网页。浏览网页时,Tor 常常与 Privoxy 或 Polipo 等联合使用,Privoxy、Polipo 是开源代理服务器,可以在应用层增加保护隐私。

Because of the communication at the level of TCP data stream, tor is independent of other anonymous networks. With tor, common applications can be anonymous, such as IRC, instant messaging, and browsing the web. When browsing web pages, tor is often used in combination with privoxy or polipo, which are open source proxy servers that can increase privacy protection in the application layer.

由于 Tor 可以匿名进行 TCP 传输,这就导致了被滥用的可能。路由器存放有一个“出口政策”(exit policy),内有各种地址、端口的组合规定,通过这个来区别哪些传输可以通过这个节点而离开 Tor 网络,这样就可能防范许多滥用的可能。潜在的滥用包括:

Since tor can be transmitted anonymously through TCP, it may be abused. The router stores an “exit policy” with various address and port combination regulations, which can distinguish which transmission can leave the tor network through this node, so as to prevent many possible abuse. Potential abuses include:

P2P:抛开合法性不谈,如果通过 Tor 网络来进行大量数据的传输,这就有些不礼貌了,毕竟洋葱路由器是由志愿者,花费自己的带宽创建起来的。

P2P: regardless of the legality, it would be impolite to transmit a large amount of data through tor network. After all, Onion Router was created by volunteers with their own bandwidth.

E-mail:匿名的 SMTP 很容易导致垃圾邮件的产生,一般 Tor 节点的“出口政策”,都拒绝对外连接到端口 25(smtp 的端口)。

E-mail: anonymous SMTP can easily lead to spam. The “export policy” of tor nodes generally refuses to connect to port 25 (the port of SMTP).

蓄意破坏:由于不会被识破,用户有时会利用 Tor 来对协作网站进行破坏,这导致许多的网站,决定部分限制对 Tor 的通讯。

Sabotage: because it can’t be detected, users sometimes use tor to destroy collaborative websites, which leads to many websites that decide to partially restrict the communication to tor.

Tor 不仅可以提供客户端的匿名访问,Tor 还可以提供服务器的匿名。通过使用 Tor 网络,用户可以维护位置不可知的服务器。当然如果要访问这个隐蔽的服务,客户端也得安装 Tor。

Tor can not only provide anonymous access for clients, but also provide anonymity for servers. By using tor network, users can maintain servers with unknown location. Of course, to access this hidden service, the client must also install tor.

通过 Tor 指定的顶级域名(Top Level Domain,TLD).onion,可以访问其隐藏的服务。Tor 网络可以识别自己的 TLD,并自动路由到隐藏的服务。然后,隐藏的服务将请求交由标准的服务器软件进行处理,这个服务器软件应该预先进行配置,从而只侦听非公开的接口。如果这个服务还可以通过公共的因特网来访问,那也会受到相关连的攻击,这样就没有真正的隐藏起来。

Through the top level domain (TLD). Onion specified by tor, you can access its hidden services. Tor network can identify its own TLD and automatically route to hidden services. The hidden service then hands the request to standard server software, which should be pre configured to listen only to non-public interfaces. If the service can still be accessed through the public Internet, it will also be subject to related attacks, so there is no real hiding.

Tor 隐藏服务有个另外的好处,由于不需要公开的 IP 地址,服务就可以躲在防火墙和 NAT 背后。

Tor hiding service has an additional advantage, because it does not need to disclose the IP address, the service can hide behind the firewall and NAT.

Tor 在中国大陆被许多人用于突破防火长城,这主要是因为中国大陆屏蔽了大量的海外网站和服务器。Tor 会自动检测节点是否可达目标地址。如果返回错误无法到达,它会自动更换节点。相应地,这种技术也可以用在中国境外模拟中国境内的节点,以访问一些境外无法访问的内容。

Tor is used by many people to break through the fire prevention the Great Wall in mainland China, mainly because mainland China has blocked a large number of overseas websites and servers. Tor will automatically detect whether the node can reach the target address. If the return error cannot be reached, it will automatically replace the node. Accordingly, this technology can also be used outside China to simulate nodes in China to access some content that cannot be accessed overseas.

而防火长城对于 Tor 一直没有很好的解决方法。现行比较有效的方法是对未使用 SSL(HTTPS)加密的连接进行特征检测并重置连接,或对已知节点和网桥进行 IP 地址屏蔽,也有在中国境内创建 Tor 的虚假节点以对通过其传输的数据进行最大限度的审查。

However, the great firewall has not been a good solution for tor. The current effective method is to detect and reset the connection without SSL (HTTPS) encryption, or mask the IP address of known nodes and bridges, or create false nodes of tor in China to review the data transmitted through them to the maximum extent.

作为反制,有部分大陆网民自发在中国境内建起网桥,帮助中国境内未能连接上 Tor 网络的用户连接。

As a countervailing measure, some mainland netizens have spontaneously built bridges in China to help users who are unable to connect to the tor network in China.

2009 年 9 月以后的一段时间内,使用的 Tor 的 0.2.1.19 版本,并不使用网桥的情况之下无法创建 Tor 的连接。然而使用的 Tor 的稳定版 0.2.1.20,仍能够创建 Tor 的连接,突破网络封锁且不需要勾选“我的 ISP 阻挡了对 Tor 网络的连接”的选项,即使用网桥。从理论上来说,在使用网桥的情况下,Tor 的总能创建连接,而不被封锁,因为网桥是可以动态更新的。

For a period of time after September 2009, the 0.2.1.19 version of tor was used, and the tor connection could not be created without using the bridge. However, the stable version 0.2.1.20 of tor can still create the connection of tor, break the network blockade, and do not need to check the option of “my ISP blocked the connection to tor network”, that is, to use the bridge. In theory, in the case of using a bridge, tor can always create connections without being blocked, because the bridge can be dynamically updated.

2010 年 6 月 3 日前后的一段时间内,使用 Tor 的 0.2.1.26 版本,在使用 Bridges 的情况之下,创建 Tor 的连接也相当的困难,显示的信息是“创建 Tor 回路 failed”,这说明防火长城成功侦测并截断了 Tor 的连接。但 Tor 的连接一旦创建后切断并不容易,所以 Tor 一旦成功创建连接后就无法被防火长城干扰。同年 8 月前后至今,Tor 又可以连接上。据全球互联网自由联盟上的用户说,只要加一次网桥,接下来就可以轻松连上 Tor 网络。

For a period of time before and after June 3, 2010, using the 0.2.1.26 version of tor, it was also quite difficult to create a tor connection when bridges was used. The message displayed was “create tor loop failed”, indicating that the Great Firewall successfully detected and cut off the tor connection. However, once the tor connection is created, it is not easy to cut off, so once the tor connection is successfully created, it can not be disturbed by the great firewall. Around August of the same year, tor can be connected again. According to users on the global Internet freedom alliance, you can easily connect to the tor network by adding a bridge once.

但在 2011 年 1 月之后,据大陆的网民反映 Tor 即使更换了网桥也无法正常连接上,但事实上这是网桥已经被屏蔽的结果。对于长期频繁使用和连接 Tor 的用户来说,由于 Tor 会缓存节点路由信息,所以只要这些节点或网桥没被封锁,他们照样能正常使用 Tor。

However, after January 2011, according to Internet users in the mainland, tor could not connect normally even if the bridge was replaced. In fact, this is the result of the bridge being blocked. For users who frequently use and connect to tor for a long time, because tor will cache node routing information, as long as these nodes or bridges are not blocked, they can still use tor normally.

自 2011 年 10 月后,当中国的一个 Tor 客户端与美国的网桥中继创建连接,一个中国的数据探针会在 15 分钟周期内尝试与 Tor 进行 SSL 协商和重协商,但目的不是创建 TCP 连接。12 月后这种行为停止 。

Since October 2011, when a tor client in China creates a connection with the bridge relay in the United States, a Chinese data probe will attempt to negotiate and renegotiate SSL with tor within a 15 minute period, but the purpose is not to create a TCP connection. It stopped after 12 months.


速搜资源网 , 版权所有丨如未注明 , 均为原创丨转载请注明原文链接:【速搜问答】洋葱头是什么
喜欢 (0)
[361009623@qq.com]
分享 (0)
发表我的评论
取消评论
表情 贴图 加粗 删除线 居中 斜体 签到

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址