I’m not a network security specialist but sometimes I’m curious about some topics and I like to test how they work.

Quite often I read in the news about darknets, recently the focus was on Silkroad and the ToR network.

What is a darknet?

darknet is an anonymizing network where connections are made only between trusted peers http://en.wikipedia.org/wiki/Darknet_(file_sharing)

I2P is one of those darknets that I wanted to test today. The website has a lot of information about how it works and why it was created:

The I2P project was formed in 2003 to support the efforts of those trying to build a more free society by offering them an uncensorable, anonymous, and secure communication system.

I2p provides Windows, Linux, OSX clients.

Basically the software creates a proxy that tunnels the traffic to the client to I2P network. The I2P client can run locally on the PC that needs to be connected to I2P, the connection happens setting the proxy in the browser to address 127.0.0.1 port 4444 fot http and 4445 for https. Another option is to install the client on a different machine and use it just like a regular proxy, that requires some additional configuration.

INSTALLATION

I’ve installed a fresh Debian 7 VM and added I2P following the instructions HERE.

Default installatino allows to access the configuration web interface only from local host. For the initial configuration just open a SSH connection with a tunnel like this:

i2p_ssh_tunnel

And then open a browser to http://127.0.0.1:7657

Enable access to the console from any IP inserting this line under “Advanced configuration”:

i2cp.tcp.bindAllInterfaces=true

i2p_bind

CONFIGURATION - TUNNEL

By default the proxy to access I2P is available only from the local host, to enable it for external machines enter the “Clients” tab

i2p_clients_tab

click i2ptunnel to create a new tunnel.

i2p_i2ptunnel

I did mine on port 8080 using the wizard:

i2p_new_tunnel [

CONFIGURATION - CLIENT

To access the I2P network the browser must be set to use a proxy that is the I2P machine itself with the configured port (8080 in my setup)

I used Autoproxy on Firefox and set the proxy only for the “i2p” string. That allows me to access both Internet and I2P without manually changing the proxy setting and leaving the other browsers untouched.

What now? There’s no search engine inside I2P but an address book that is a list of the published websites. The address book is available in the web interface but the names are not very clear about the content. I suppose most I2P sites are not published and must be accessed directly with the name, maybe another method of distribution is used.

I don’t comment the use of this kind of services, freedom of speech on one side and potentially illegal use on the other side, as any tool you can use it for good or bad, the tool itself is neutral.

With this post I just wanted to give a quik view of what a darknet is and how to access it, use it at your own risk.