How to become an author
Поехали в гик-трип по Календарю IT-ивентов?
Поиск
Профиль
Обновить

I2P – Invisible Internet Project

Время на прочтение 2 min
Количество просмотров 272K
Information Security *I2P *
Tutorial
Good day!

Recently, copyright organizations and "K departments" in many countries have begun to pursue very aggressive policies against online anonymity and piracy. Particularly indicative are the stories from torrents.ru And ifolder.ru.

You can read more about Internet censorship in Wikipedia.

To protect the user and hoster from the “harmful” influence of the state and private companies, the I2P network was created. What is it and how to connect to I2P - read under the cut.

So, let me bring you up to date


I2P is an anonymous encrypted network. It was introduced in 2003 by a community of developers advocating network security and anonymity.
By type of implementation it is overlay network and is located at layer 6 of the OSI model.

Each network client connects to other clients and forms tunnels through which traffic is transited (doesn’t it remind you of Skype?). The client program provides several interaction interfaces to other software:
  • SOCKS—proxy—is the most commonly used protocol. Allows you to use I2P in conjunction with almost any program that supports it.
  • SAM (Simple Anonymous Messaging) is a kind of API. Implemented on top of TCP.
  • BOB (Basic Open Bridge) is another API. In fact, a modernized version of SAM, but using separate channels for commands and data.


The official I2P package includes:
  • SusiDNS - DNS client
  • Susimail - email client
  • I2Psnark - torrent client
  • I2PTunnel is an I2P integrated program that allows various TCP/IP services to communicate over I2P using tunnels

All components are written in Java. If you haven’t changed your mind about installing it yet, then…

Let's connect!


  1. If you do not have the JRE installed, install: java.com/download
  2. First, download and install the client: mirror.i2p2.de/i2pinstall_0.7.14.exe. Linux/Mac users: don’t pay attention to the extension, run it like this: java -jar i2pinstall_0.7.14.exe

  3. Launching the client:
    a. Windows:
    Start -> I2P -> Start I2P (no window).
    b. Unix-like:
    Go to the client installation folder. Run the command: ./i2prouter start
  4. Set the proxy server in the browser settings:

    Method I: More difficult and better:

    In the client installation folder in the scripts folder there is a file i2pProxy.pac.
    In the browser settings, look for the line to enter the address of the auto-configuration of the proxy server:

    Firefox:


    Opera:


Method II: Simpler, but worse

In the browser settings set the proxy server address: 127.0.0.1 port 4444.
The method is worse in that if you want to return to the regular Internet, you will have to return this setting.

Ready!


Now you can open i2p sites, use anonymous torrents, mailers, etc..
Also, you can open the I2P router console and see what is there: http://127.0.0.1:7657

And finally...


Several useful links:
forum.i2p — Official forum of the network. There is a Russian section.
ugha.i2p — English wiki about the network.
echelon.i2p — Repository of programs using I2P.
tracker2.postman.i2p —The largest BitTorrent network tracker.
rus.i2p — Russian-language wiki about I2P.

Other related articles:
I2P - Creating your own website
Tags:
Hubs:
Всего голосов 138: ↑129 и ↓9 +120
Комментарии 120
+120
45
Karma
0
Rating
Alexander Shishenko @GamePad64

Programmer

Twitter Github Instagram

Comments 120

A UFO flew in and published this inscription here
what about Tor (The Onion Router) with a bunch of its implementations?
or I don’t understand everything and that’s not it?
Всего голосов 5: ↑3 и ↓2 +1
You can read a little about the comparison here: www.i2p2.de/how_networkcomparisons.
In a nutshell: Tor is optimized for use as a proxy chain for accessing the big Internet, and i2p is its own network.
Всего голосов 3: ↑3 и ↓0 +3
if I'm not mistaken, tor implies client anonymity (servers are not anonymous, data is confidential)
the same solution, judging by the meager description, implies anonymity for clients and servers
Всего голосов 1: ↑1 и ↓0 +1
I2P, unlike TOR, is completely distributed. Although they are similar. Briefly about the differences.
Комментарий пока не оценивали 0
Reminds me of a freenet network. There, as far as I know, the content is also distributed between nodes and is not stored in only one place.
Комментарий пока не оценивали 0
I2P is not fully distributed.
Each site on it is on its own, just like on the regular Internet, no one stores anything that belongs to others..

It is simply impossible to track the node at the other end of the connection. That is, what kind of machine this is - thepiratebat.i2p - is unknown.
Which means there’s no one to break hands.
Всего голосов 1: ↑1 и ↓0 +1
re: “It’s simply impossible to track the node at the other end of the connection. That is, what kind of machine this is - thepiratebat.i2p - is unknown.
Which means there’s no one to break hands.»

Correct me if I’m wrong - in Torah, for example, you can be _only_ a client by receiving and accepting “your” information through a network of intermediate nodes. In I2P, on the contrary, each client is also a server at the same time - that is, it passes other people’s information through itself. (the phrase “Essentially all peers participate in routing for others” from the I2P description)

That is, if, for example, person X wants to download some **bad content** via I2P, then the ip of the I2P network gateway, that is, of any network participant, will be visible in the logs of the server delivering the content. Therefore, I believe that using such a system is at least unsafe.
Всего голосов 1: ↑0 и ↓1 -1
Each individual customer is responsible for the fragment content exactly as much as one of the Skype users is responsible for a fragment of a conversation between two terrorists, routed through his Skype client.

The passing content, by the way, is encrypted in both places, so there is no way to separate “good” traffic from “bad”.

I didn’t understand the passage about ip and gateways - perhaps you misunderstand the principle of operation of the I2P network?
Всего голосов 2: ↑2 и ↓0 +2
I definitely don’t understand how I2P works, that’s why I’m asking

As for privacy and hand-wringing, aren’t you worried that someone will download some wildly forbidden porn from your IP? (for which they can put you in prison)
Всего голосов 1: ↑0 и ↓1 -1
Let me explain - byte streams pass through you as an I2P node. From nodes {A, B, C} to nodes {X, Y, Z}. The traffic is encrypted and there is no way to know what is in which stream. Moreover, even if there is a server broadcasting prohibited porn on node Z, you will never know..

That is, one relay M sees all passing connections as going from one relay (A) at one end to a relay (Z) at the other end. If Z is still a server, and the packet from A contains a request to it, it will be a pleasant surprise for him when he receives the packet, deploys his encryption layer, and sees a ready request there. From who-knows-who, known only under the intranet identifier.

Summarizing:
Nodes within a network are known by identifiers other than ip. It is technically impossible to obtain a match between ip<->I2P address (plus or minus errors in protocol implementation).
It’s just as impossible to figure out where the server is and where it’s just a tunnel - all traffic is tunneled from end to end.
The ends of the connection are isolated - that is, the packet goes along a chain, each link of which knows only about its neighbors.
Комментарий пока не оценивали 0
it would be good if it slowed down less than with a torus
Всего голосов 1: ↑1 и ↓0 +1
Rather, a comparison with Freenet would be more appropriate.
Всего голосов 1: ↑1 и ↓0 +1
A UFO flew in and published this inscription here
it makes me depressed, which is fed by fantasy books. It’s a shame that we are unlikely to live to see the times of accessible flights to other planets, when theoretically most of the necessary technologies already exist
Всего голосов 4: ↑4 и ↓0 +4
Well... they’ve already written somewhere about space travel and a hotel in space. Maybe it's not so bad ;)
Всего голосов 1: ↑1 и ↓0 +1
For me, this is a drop in the bucket. And in general, there is as much optimism as when talking about Skolkovo and Nanotechnology™.
Комментарий пока не оценивали 0
We have not yet come up with a way to live autonomously in space for several years, or even several decades. With current technologies, a flight even to the nearest planets of the solar system will take exactly that long. And there is nothing to do there - none of them are suitable for life. You can even forget about flights to neighboring star systems, where distances are already measured in light years..
So you can forget about other planets until they invent an engine that allows you to develop at least close to the speed of light. And this will not happen in the next millennium - because grandfather Einstein does not collect.
Комментарий пока не оценивали 0
until they invent an engine that allows them to develop at least close to the speed of light

Solar sail?
Комментарий пока не оценивали 0
And what speed does it allow you to develop? Again, at a certain distance from the Sun, the speed will drop significantly, and it is not at all a fact that there it will be possible to catch the “wind” from some other star. If calm at sea is very bad for a sailboat, then calm in outer space is an unconditional mess.
Всего голосов 1: ↑1 и ↓0 +1
By the way, I recommend the book “Michio Kaku” to anyone interested in ITT. Physics of the impossible»
A university professor breaks down common science fiction cliches in detail and sorts them into “possible/soon/impossible.” It is very smoothly written, and the topic is covered quite deeply. And interesting conclusions are often drawn.
Read it, you won't regret it.
Всего голосов 1: ↑1 и ↓0 +1
What about speed? And as far as I understand, without Internet, like netsukuku, it will not work?
Комментарий пока не оценивали 0
The speed directly depends on the number of nodes/speed shown in the statistics. And without Internet - again, it works if there are nodes on the local network. Even if not a single node has a connection to the external Internet, connection between them will be possible.
Всего голосов 3: ↑3 и ↓0 +3
This is great, I'm looking forward to the next articles then.
Всего голосов 2: ↑2 и ↓0 +2
And without Internet - again, it works if there are nodes on the local network.
good way to localize server location :-)
Комментарий пока не оценивали 0
I tried it. Connections went up quickly, it works much faster than the previously tested freenet. I'll throw Tor in the trash.
Всего голосов 2: ↑1 и ↓1 0
What does Tor have to do with it? These are completely different things.
Комментарий пока не оценивали 0
Despite the fact that it can be used in the same way :3
Комментарий пока не оценивали 0
It’s better to write about the content and in general about what is there. It is, of course, interesting: installing, configuring, watching how this thing works. But what next??
Всего голосов 6: ↑6 и ↓0 +6
There are sites - file sharing services, forums, wikis, imageboards, etc - that do not fight illegal content.
There are search engines, for example, i2poogle.i2p
Комментарий пока не оценивали 0
There is IRC - just connect with your favorite IRC client to localhost:6668
There is a built-in server for raising your own i2p site (“ipsite”, “eepsite”»).
Комментарий пока не оценивали 0
The question is, how compatible is standard software (except browsers) with this? Those. What level does it emulate? Just the level of HTTP requests or maybe lower? Is it really possible to run the same torrents using a standard client? What about socket connections??
Всего голосов 8: ↑0 и ↓8 -8
Re-read the article until enlightenment.
Всего голосов 13: ↑13 и ↓0 +13
and if I’m sitting at a nat, it will work?
Всего голосов 2: ↑2 и ↓0 +2
Yes, I'll do it myself, it's fine.
Всего голосов 3: ↑3 и ↓0 +3
even though it doesn’t open anything yet…
I'll wait a couple of hours…
Комментарий пока не оценивали 0
By the way, we already wrote about i2p on Habré. True, the author is now blocked.

Всего голосов 3: ↑2 и ↓1 +1
I haven’t looked through Habr for a long time. Can you tell me why I got iShift??
Всего голосов 1: ↑1 и ↓0 +1
No, I won’t give you a hint. I just remembered that almost a year ago, in the comments to a similar topic, I gave a link on how to start this thing in Bubunta. And then it just became interesting to find that topic.
Комментарий пока не оценивали 0
It would be interesting to read that topic.
Can you set up a link in Ubuntu, although I don’t have Ubuntu, but still.
Комментарий пока не оценивали 0
It’s not good to butt into a conversation, but in my article I did everything from Ubuntu (look at the screenshots =)). I2P starts on it exactly the same as on Windows.
Всего голосов 1: ↑1 и ↓0 +1
>>but in my article I did everything from Ubuntu (look at the screenshots =) )
Yes, I didn’t recognize Ubuntu right away. Thank you.
Комментарий пока не оценивали 0
I'd like to see a comparison with Netsukuku.
Всего голосов 4: ↑3 и ↓1 +2
Well, the main difference is that ntk aims to build a self-organizing [wireless] network. That is, this is infrastructure. And I2P is a logical add-on, implying that the underlying network is already working somehow. She only deals with working with peers.

In principle, the authors of ntk already mentioned in their documents that the protocol itself can be used to organize a logical network over.
Всего голосов 2: ↑2 и ↓0 +2
And the links at the end of the article only work if i2p is installed and configured?
Всего голосов 1: ↑1 и ↓0 +1
Yes, but there are proxy servers (so-called inproxy) with which you can access i2p sites from the wider Internet.

I only know one: i2p.to. It’s easy to use: add the ending to the domain .to.
For example: http://ugha.i2p --> http://ugha.i2p.to
Всего голосов 5: ↑5 и ↓0 +5
Yes
Комментарий пока не оценивали 0
To some extent, we can add the Ukrainian resource infostore.org here. Also without normal argumentation and the motives for seizing resources from the author are also unclear.
Комментарий пока не оценивали 0
everyone run there, oh wait, there’s anonymous loot there?
Всего голосов 6: ↑0 и ↓6 -6
In such networks there is a “last node” problem. If a site is located outside this network, then the owner of the last node through which direct communication with the target site occurs may be legally responsible. Or the burden of proof of non-involvement will simply be placed on him. From the outside it will look like you go to extremist sites, write insults against officials, and are interested in child porn.
Всего голосов 5: ↑2 и ↓3 -1
So the fact of the matter is that in i2p all sites are located within the network. This is how it differs from Tor..
Всего голосов 5: ↑4 и ↓1 +3
Thank you, I understand. An HTTP proxy is raised only at will, that is, it cannot become one by default?
Комментарий пока не оценивали 0
Well, let’s say, by default, TOR also does not work in output node mode. Only as a transit. And if you really want, you can enable the option.
Комментарий пока не оценивали 0
When I read the fakies, it was written that there are no exit nodes for torrent traffic. Has this changed somehow? You can now run an exit-node and have torrent traffic go through it?
Комментарий пока не оценивали 0
I don’t know this. I actually use the torus only for surfing. And even then in on/off mode via the Tor button for FF.
Комментарий пока не оценивали 0
Russian anonymous people even made a board there - 2ch.i2p
Всего голосов 9: ↑8 и ↓1 +7
There are even two of them, actually. There is also “3.5 Anon-chan” And at 12 o’clock there is a Russian section.
Комментарий пока не оценивали 0
Oh yeah! The shadow city is like Gibson's in Idoru. I have been dreaming about this for a long time, that the Internet will be reborn again into a pure world, a world without restrictions. Those who don’t like such a world and who find such a network dangerous can simply not enter there. Nobody can fucking handle it. And now they come in large numbers, now they speak out against pornography, now against anonymous gatherings.
Всего голосов 8: ↑5 и ↓3 +2
And not by chance alternative implementations? I don’t want to install the JRE just to “play around”».
Всего голосов 1: ↑0 и ↓1 -1
*No
Комментарий пока не оценивали 0
Unfortunately no. But I think if the network gains enough popularity, they will do it. All sources are open.
Комментарий пока не оценивали 0
I'll go off topic a little, but the more I know, the more paranoid I become. After I learned that every provider has such a thing as SORM from the FSB, I become scared for my anonymity.

Now I’m seriously thinking about things like I2P.
Комментарий пока не оценивали 0
Every provider SHOULD have one of these, but often smaller providers don't. Either “put into operation” or exists only on paper.
Всего голосов 2: ↑2 и ↓0 +2
Do you have something worth fearing? I’m not talking about what 90% have, but something serious? Or speak badly about our government?
Всего голосов 7: ↑1 и ↓6 -5
Do you never share any data that other people could use to their advantage to your detriment? I envy you!

We are not talking about purely political things or about offenses on your part; it is enough that, for example, someone can intercept information that compromises you, or information that, if it falls into the hands of an attacker, will harm your business interests. And it is difficult to believe in the holiness and purity of intentions of all people in uniform who may receive this information.

It is for this reason that illustration has always been considered a shameful matter of the state..
Комментарий пока не оценивали 0
Eric Schmidt, please log in.
Комментарий пока не оценивали 0
This thing is interesting, but it’s still not very popular, and copywriters don’t pay attention to it. If serious people take over this network, then it does not provide any real protection or anonymity - anyone can be reached through the chain. Yes, you don’t even need to go to any one - it’s enough to find a few extreme :(
Комментарий пока не оценивали 0
If I understand correctly, all data within the network is transmitted in encrypted form.
Комментарий пока не оценивали 0
Interestingly, in this implementation the connection log is destroyed reliably?
Комментарий пока не оценивали 0
How will this save??
So I went online, downloaded a movie, wrote down the IP addresses of those from whom I downloaded, and you can sue them, the provider will give out their names, and even if there is nothing to take from them - they are just the last links in the proxy chain, then or For complicity and assistance in illegal distribution, they can be prosecuted, or simply frightened, forced to spend a lot of time and money on trial and thereby discourage others.
Всего голосов 3: ↑1 и ↓2 -1
Where can you get their IP??
Всего голосов 4: ↑3 и ↓1 +2
They know how to hide the sender IP in a TCP packet?
Всего голосов 1: ↑0 и ↓1 -1
And carefully read the structure of the i2p network and understand how idiotic this question is?
Комментарий пока не оценивали 0
Read about how TOR works. And then transfer them to I2P, taking into account the fact that there will not even be information about the border nodes.
Комментарий пока не оценивали 0
urgently need to register “golden” site names :)
Комментарий пока не оценивали 0
All that remains is to launch an open cloud on top of this network and you will get what I wrote about here.
Комментарий пока не оценивали 0
Once a certain level of popularity is reached, the network will “allow” intelligence services there, as was the case with Skype. And there it’s not far from copycats
Всего голосов 2: ↑1 и ↓1 0
I'm a little off topic, but what about Skype and intelligence services??
Комментарий пока не оценивали 0
Skype has a bookmark for special services.
At least that's what people close to the intelligence services say.
Всего голосов 2: ↑1 и ↓1 0
What exactly does this bookmark do??
Комментарий пока не оценивали 0
Unlike Skype, there is no commercial feeder company on the network.
But there is an open source client.

Who will you put pressure on to force the algorithms to be weakened??
Всего голосов 3: ↑3 и ↓0 +3
There are three small trackers inside i2p, almost all films are in German. speed 2 kb/sec.
Комментарий пока не оценивали 0
«invisible internet" is a very correct name :)) nothing is visible ))))
Всего голосов 3: ↑2 и ↓1 +1
And you have it in your address book?
Комментарий пока не оценивали 0
Yes, I checked. And I even tried to use the helper link from the router’s address book.

Also, this doesn't explain the non-working thepiratebay.i2p.to/?
Комментарий пока не оценивали 0
i2p.to also does not have all existing addresses registered - there is still no centralized DNS service, as far as I understand.
Комментарий пока не оценивали 0
Damn, not there.

Here the answer is this - i2p.to says error 504, which means that the server was allowed to the address, but the “request timeout interval” for it was exceeded
Комментарий пока не оценивали 0
And I am more than sure that to watch these films from German it is enough to know only “das ist fantastish”».
Всего голосов 3: ↑2 и ↓1 +1
Originally, for Mac i2psvc is built only for PowerPC. Were they really too lazy to build a version for Intel?? :(
Комментарий пока не оценивали 0
It's all Opensource! There is time and opportunity - do it yourself, help the community!
Комментарий пока не оценивали 0
FreeNet However, it will be more progressive; it will also organize distributed storage. It’s just a pity that the files are not stored in parts and are not encrypted.
Комментарий пока не оценивали 0
judging by the situation with blackberry in Russia, everything that is encrypted is prohibited. So if there is no ban on the use of such networks, it is only because it is not yet popular.
Всего голосов 1: ↑0 и ↓1 -1
Is Skype already banned? Moreover, it contains proprietary encryption algorithms.
Комментарий пока не оценивали 0
Well, there are a number of countries where Skype is prohibited.
and if you google on the topic “skype SORM”, then there are two options: either they will try to ban (by the way, recently there have been such attempts on the part of operators) or they have learned to listen

excerpt from an article on WebPlanet last year:
[i]“There are foreign operators who provide VoIP services in Russia, but what to do from the point of view of SORM was completely unclear. Now this question has been voiced and understood,” said an insider at ADE. — The documents contain a technological solution that can solve this problem. Corresponding changes will be made to the draft act on the implementation of SORM in IP networks.”[/i]
Комментарий пока не оценивали 0
I apologize for the tags, I automatically remembered the BB code
Комментарий пока не оценивали 0
Thank you.
I would like an article on how to install an asus router with linux on a home box (I doubt it has java). And yes! How to download torrents?
Комментарий пока не оценивали 0
Download torrent client from echelon.i2p/
Комментарий пока не оценивали 0
Thank you.
But to open this link you must first install i2p?
And I’m still interested in working on the box.
Комментарий пока не оценивали 0
If you have Linux, then there is probably a JVM for it.
Комментарий пока не оценивали 0
Ubuntu 10.04, Google Chrome 5.0.375.86
The router is running, its configuration page opens, I can’t access network sites - “Unfortunately, Google Chrome cannot find the forum.i2p page.»
The proxy is configured like this:

I pressed the “To the entire system” button, rebooted, restarted the router, checked the correctness of the path to the file, and using the command cat <path in settings> the script is displayed.
Комментарий пока не оценивали 0
Intuition suggests that names should also be resolved through a proxy.
Комментарий пока не оценивали 0
The router's local console is visible?
Комментарий пока не оценивали 0
Yes, and you can see it in the screenshot.
Комментарий пока не оценивали 0
Maybe you connected to a small number of nodes?
Комментарий пока не оценивали 0
There are probing tunnels, collective clients, no transit ones, there is an inscription (in green) “We do not accept Tunnels: Message Delay is Too Long»
Комментарий пока не оценивали 0
Has the problem been resolved? Otherwise I have the same thing: Opera works in i2p without any problems, but Chrome doesn’t want to with the same settings. (Ubuntu 12.04)
Комментарий пока не оценивали 0
Try reducing the number of hops in the client settings.
Всего голосов 1: ↑1 и ↓0 +1
This is good, the more freenets the better. True, they are all half empty... it’s still hard to see us and they’re putting pressure on us on the regular Internet.
Комментарий пока не оценивали 0
Lol, when I try to search for a phrase written in Cyrillic on the tracker, it crashes with an error (as a bonus for novice hackers - the SQL code of the unsuccessful request :))
Комментарий пока не оценивали 0
Please explain how to proxy in Chrome-IE.
Комментарий пока не оценивали 0
Can I ask a stupid question? Is it possible to integrate I2P as a thread in vyatta? In general, I’m interested in how this thing can be done in a small box, so that you can immediately take it for growth…
Комментарий пока не оценивали 0
I can’t say anything about vyatta, I haven’t tried it. And for boxes... I tried it on a Raspberry Pi, but frankly speaking, it’s not fast.
Комментарий пока не оценивали 0
It's right. And not quickly - that's putting it mildly. Plus, after ~20 hours of work, Malinka freezes tightly. It does not respond either via the network or via the serial port. I had to do “i2prouter graceful” every 12 hours»

Now I have adapted CubieBoard for this purpose. So far it works without any problems. True message delay is 3 minutes.
Комментарий пока не оценивали 0
Only full-fledged users can leave comments. Sign in, Please.

Your account

Sections

Information

Services

Technical support Return to old version
© 2006–2023, Habr