Hands-On Dark Web Analysis E-Book

Hands-On Dark Web Analysis

Copyright © 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Gebin GeorgeAcquisition Editor: Heramb BhavsarContent Development Editor: Ronn KurienTechnical Editor: Prachi SawantCopy Editor: Safis EditingProject Coordinator: Jagdish PrabhuProofreader: Safis EditingIndexer: Rekha NairGraphics: Tom ScariaProduction Coordinator: Jyoti Chauhan

First published: December 2018

Production reference: 1241218

Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.

ISBN 978-1-78913-336-3

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

Improve your learning with Skill Plans built especially for you

Get a free eBook or video every month

Mapt is fully searchable

Copy and paste, print, and bookmark content

Packt.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.packt.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.packt.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks. 

Contributors

About the author

Sion Retzkin is an IT and security professional with over 20 years' experience in various technical and business roles. Sion was born in New York City, and has lived, studied, and worked internationally. Sion also delivers training to other professionals on the topics he's mastered, sharing his passion for security, ethical hacking, and information systems. With multiple certifications under his belt, Sion feels comfortable both in the boardroom, meeting customers, and working hands-on.

Today, he works at Pcysys, as director of customer success, which allows him to continue to do what he loves.

About the reviewer

Rishalin Pillay, with in excess of 11 years of cybersecurity experience, has acquired a vast number of skills consulting for Fortune 500 companies while participating in projects performing tasks in network security design, implementation, and vulnerability analysis. He holds many certifications that demonstrate his knowledge and expertise in the cybersecurity field, such as CISSP, CCNP Security, CCSPA, MCSE, MCT, A+ and Network+

Rishalin currently works at a large-scale software company as a senior cybersecurity engineer.

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Table of Contents

Title Page

Copyright and Credits

Hands-On Dark Web Analysis

About Packt

Why subscribe?

Packt.com

Contributors

About the author

About the reviewer

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Get in touch

Reviews

Disclaimer

Understanding the Deep and Dark Web

The origin of the internet

The Deep Web

The Dark Web

Law enforcement

Journalism

Privacy

Criminals

Drugs and illegal substances

Counterfeit goods

Stolen information

Hackers

Summary

Questions

Further reading

Working with the Deep Web

Maintaining privacy on the Dark Web

Transacting on the Dark Web

Secure transaction methods

Deep web emails - Onion Mail

Summary

Questions

Further reading

The Future of the Dark Web

What does the future of the Deep Web hold for us?

Dark Web currency

Dark Web markets

The TOR Project

Public interest in the Dark Web

Summary

Questions

Installing a Linux Virtual Machine (VM)

Linux Distributions

Installing and using a Linux VM

What else can we do with a Linux VM?

Running Linux from a USB flash drive

Summary

Questions

Further reading

Accessing the Dark Web with Tor Browser

What is Tor Browser?

Installing Tor on Linux

Installing Tor Browser via the Terminal, from the downloaded package

Installing the Tor Browser entirely via the Terminal

Tor Project recommendations on the safe use of Tor

Summary

Questions

Further reading

Installing Tails OS

What is Tails OS?

Tails OS installation prerequisites

Downloading Tails OS

Downloading Tails OS in Windows

Downloading Tails OS in Linux

Installing Tails OS

Installing Tails OS in Windows

Installing Tails OS in Red Hat, Fedora (any Linux distro that isn't Debian, Ubuntu, or Mint) for browsing the Dark Web

Installing Tails from the command line

Summary

Questions

Further reading

Installing Whonix

What is Whonix?

Whonix installation and prerequisites

Whonix download

Whonix installation

Using Tor Browser with Whonix

Summary

Questions

Further reading

Installing Qubes OS

What is Qubes OS?

Preparing to install Qubes OS

Hardware requirements

The installation process 

Accessing the Dark Web with Qubes

Summary

Questions

Further reading

What Goes on in the Dark Web - Case Studies

The good and evil side of the Dark Web

Onion websites

Illegal sales on the Dark Web using Bitcoin

The Silk Road

Terrorism

Summary

Questions

Further reading

The Dangers of the Dark Web

Online scams

Avoiding the risks on a Dark Web market

Dangers of the Dark Web

Access

Use and Misuse

Real Risks

Some general dangers

Summary

Questions

Further reading

Using the Dark Web for Your Business

IT professionals

Business companies

Law enforcement agencies 

Military organizations

Cybersecurity professionals

Summary

Questions

Further reading

Assessment

Chapter 1: Understanding the Deep and Dark Web

Chapter 2: Working with the Deep Web

Chapter 3: The Future of the Dark Web

Chapter 4: Installing a Linux Virtual Machine (VM)

Chapter 5: Accessing the Dark Web with Tor Browser

Chapter 6: Installing Tails OS

Chapter 7: Installing Whonix

Chapter 8: Installing Qubes OS

Chapter 9: What Goes on in the Dark Web - Case Studies

Chapter 10: The Dangers of the Dark Web

Chapter 11: Using the Dark Web for Your Business

Another Book You May Enjoy

Leave a review - let other readers know what you think

Preface

The World Wide Web is divided into three areas: the Surface Web, the Deep Web, and the Dark Web. The Deep Web and Dark Web are the two areas that are not accessible through general search engines or browsers. This provides several advantages, such as anonymity and privacy, but it also provides people performing illicit, illegal, or nefarious activities with the same benefits. IT and security professionals also gain benefits by accessing these areas. 

This book will initially introduce you to the concept of the Deep Web and the Dark Web and will examine their significance. Then, we will deep dive into the recommended ways to access them, by using various operating systems and tools such as the Tor browser. We will also discuss what data can be obtained there, best practices for using the tools for the best effect, and who uses the Deep Web and the Dark Web.

By the end of this book, you will have hands-on experience of working with the Deep Web and the Dark Web.

Who this book is for

This book is aimed at IT and security professionals, security analysts, and any stakeholder interested in learning the concepts of the Deep Web and the Dark Web. Some technical acumen is necessary for the hands-on parts of this book, such as internet browsing, the concept and use of virtual machines, and installing operating systems. The book includes step-by-step instructions, with screenshots of all the hands-on chapters.

What this book covers

Chapter 1, Understanding the Deep and Dark Web, starts by looking at where it all started, and we will talk about the terminology—what is the Deep Web? What is the Dark Web? We will also talk about the difference between the Deep Web and the Dark Web, and examine the reason behind the names and what can be done there.

Chapter 2, Working with the Deep Web, discusses using the Deep Web and the Dark Web. For example, how to access the Deep Web and the Dark Web, and what really goes on there? How can there be so many sites out there? In this chapter, we'll discuss how the Deep Web and Dark Web are used.

Chapter 3, The Future of the Dark Web, covers the usage trends in the Dark Web. We will also talk about how it is used today and where will it go from here. We will learn about what to expect in the future from the Deep Web and the Dark Web. We will learn about the future benefits (or dangers) we can gain from the uncharted territory of the Dark Web.

Chapter 4, Installing a Linux Virtual Machine (VM), explains how to install a Linux virtual machine.

Chapter 5, Accessing the Dark Web with the Tor Browser, will help you to learn about, install, and configure the Tor browser on a Linux distribution.

Chapter 6, Installing Tails OS, outlines another operating system that is useful for accessing the Deep Web—Tails OS. It is a live operating system that you can start on almost any computer from a USB stick or a DVD. In this chapter, we'll focus on installing Tails OS and accessing the Dark Web with it.

Chapter 7, Installing Whonix, covers another operating system that's worth mentioning: Whonix. Whonix is designed for advanced security and privacy. It's a heavily reconfigured Linux Debian that runs inside multiple virtual machines, providing a substantial layer of protection from malware and IP address leaks. Whonix is the only operating system designed to be run inside a VM and paired with Tor. In this chapter, we'll learn how to install and use Whonix to browse the Dark Web.

Chapter 8, Installing Qubes OS, covers a Xen-based operating system that is also considered extremely secure: Qubes OS, which will be the focus of this chapter. Qubes OS operates under the assumption that it has already been breached, so every application is run in its own virtual environment. In this chapter, we will learn how to install and use Qubes OS to access the Deep Web.

Chapter 9, What Goes on in the Dark Web – Case Studies, provides several examples of how the Dark Web is used in order to outline the dangers (and benefits) of going there. Anyone can access the Dark Web and, in this chapter, we will break down the types of people who access it, and why.

Chapter 10, The Dangers of the Dark Web, discusses the things that are lurking in the Dark Web. What are the dangers? How do we avoid them? These are probably the type of questions you've asked yourself when contemplating the Dark Web. Many people view the Dark Web as an evil place, teeming with malicious hooded hackers, just waiting for us to enter. In this chapter, we'll learn what the risks are in the Dark Web, and how to avoid them.

Chapter 11, Using the Dark Web for Your Business, moves on from who uses the Deep Web and Dark Web, and why. Now, let's learn how we can use them ourselves, to help us perform tasks, to help in our career, and more.

To get the most out of this book

You should have a USB stick and a computer you are willing to format, or a computer with enough resources to create virtual machines.

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/9781789133363_ColorImages.pdf.

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Double-click on the Start-tor-browser.desktop file to launch Tor Browser"

A block of code is set as follows:

html, body, #map { height: 100%; margin: 0; padding: 0}

Any command-line input or output is written as follows:

sudo apt install gnupg

Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Now, plug in the second USB stick, go to Applications | Tails | Tails Installer (in Tails OS), and install Tails on it."

Get in touch

Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packt.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packt.com.

Disclaimer

The information within this book is intended to be used only in an ethical manner. Do not use any information from the book if you do not have written permission from the owner of the equipment. If you perform illegal actions, you are likely to be arrested and prosecuted to the full extent of the law. Packt Publishing does not take any responsibility if you misuse any of the information contained within the book. The information herein must only be used while testing environments with proper written authorizations from appropriate persons responsible.

Understanding the Deep and Dark Web

The Deep Web, the Dark Web, the Dark Net.

We've all heard about them, if it's from a movie, TV show, the news, or even a friend or a neighbor. Most people view them as the same thing, which is as a depraved and illegal area on the internet, where sex-traffickers, drug dealers, weapons dealers, and others lurk in wait for innocent users.

The truth is very far from this. In this book, we'll understand what the Deep Web, the Dark Web, and the Dark Net are, how to access them safely and securely, who uses them and, ultimately, how we can use them for beneficial and good uses, rather than what the media publishes about them.

But, in order to fully understand them, we need to understand the origins of the internet, and how it works, as they are intrinsically connected.

We will cover the following topics in this chapter: 

The origin of the internet

The Deep Web

The Dark Web

The origin of the internet

Many of you might have heard that the internet was originally created by DARPA, The Defense Advanced Research Projects Agency, which is part of the United States Department of Defense, and is responsible for development of new technologies for use by the US military.

But, this is not necessarily the first appearance of the internet. Back then, it was more of an intra-net, as all the computers were on the same network. It all depends on how you define the internet. Nowadays, the internet is defined as a network of networks or multiple interconnected computer networks that provide communication and information capabilities, using standardized communication protocols such as Transport Control Protocol/Internet Protocol (TCP/IP )