A darknet is a routed allocation of IP address space that is not discoverable by any usual means. The term is used to refer to both a single private network and the collective portion of Internet address space that has been configured in that manner.

Technically, a darknet is a variation on a virtual private network (VPN) with additional measures in place to ensure that the network and IP addresses of members are not discoverable. The purpose is to hide not only the communications themselves but the fact that information is being exchanged. Members join with the expectation of being able to share information and/or files with little risk of detection.

Popular darknets include Tor (the onion router), Freenet and I2P. Such networks are typically decentralized, routing traffic through a wide-spread system of servers, which are often provided by volunteers. The complex routing system makes it difficult to trace communications.

Special-purpose darknets are most commonly used for illegal file sharing, which includes copyrighted media, pirated software, malware programs and illicit content, such as child pornography.

Another purpose of darknets is to provide a venue for private communication when public communication is undesirable, dangerous or not permitted. For example, when the Mubarak regime in Egypt shut down the Internet in that country, political dissidents used the Tor darknet to maintain communications with the rest of the world.

Darknets are also used in network security testing. The administrator sets aside a portion of unused IP address space for the darknet and configures a network-monitoring device to detect any traffic headed to an IP address within that range. Because no legitimate systems run on the darknet, any traffic for an address within it is from a malicious or misconfigured system. Darknets are especially useful for detecting systems that are infected by worms or other malicious programs that are attempting to spread on the network.

Despite all precautions, a darknet can never be completely undetectable. In October 2011, the hacktivist group Anonymous penetrated the Tor darknet to take down a website hosting service called Freedom Hosting, which was home to over forty child pornography sites. 



This was last updated in December 2011

Continue Reading About darknet

Dig Deeper on Network Security Monitoring and Analysis