Intro to Darknets: Tor and I2P Workshop
This class introduces students to the I2P and Tor Darknets. We cover setting up Tor & I2P, the basics of use, and how to make hidden services. We also go over case examples like Eldo Kim Harvard & the Harvard Bomb Threat, Hector Xavier Monsegur (Sabu)/Jeremy Hammond (sup_g) & LulzSec, Freedom Hosting & Eric Eoin Marques and finally Ross William Ulbricht/“Dread Pirate Roberts” of the SilkRoad, to explain how people have been caught and how it could have been avoided.
Darknets: anonymizing private networks talk from Phreaknic
(Networks covered include Tor, Freenet, AnoNet/DarkNET Conglomeration and I2P)
This is a quick and dirty version of my Darknets talk from Phreaknic 2009, I hope to have a better version up soon. It covers the the basics of semi-anonymous networks, their use (political dissidence, file sharing, gaming and pr0n), how they were developed and what they mean to organizations. The main focus will be on the Tor, I2P, Freenet and anoNet Darknets, their uses and weaknesses.
Cipherspaces/Darknets: An Overview Of Attack Strategies:
Darknets/Cipherspaces such as Tor and I2P have been covered before in great detail. Sometimes it can be hard to follow attack strategies that have been used against them as the papers written on the topic have been academic and abstract. What this talk will attempt to do is step back and give an overview of the topic in a manner hopefully more conducive to the understanding of security practitioners, giving more concrete examples. While little to nothing in this talk will be “new and groundbreaking” it should lead to a better understanding of how encrypted anonymizing networks can be subverted to reveal identities.
Live Version from Defcon 19.
Identifying the true IP/Network identity of I2P service hosts talk
Adrian Crenshaw, Blackhat DC 2011.
This talk will present research into services hosted internally on the I2P anonymity network, especially I2P hosted websites known as eepSites, and how the true identity of the Internet host providing the service may be identified via information leaks on the application layer. By knowing the identity of the Internet host providing the service, the anonymity set of the person or group that administrates the service can be greatly reduced. The core aim of this paper will be to test the anonymity provided by I2P for hosting eepSites, focusing primarily on the application layer and mistakes administrators and developers may make that could expose a service provider�s identity or reduce the anonymity set they are part of. We will show attacks based on the intersection of I2P users hosting eepSites on public IPs with virtual hosting, the use of common web application vulnerabilities to reveal the IP of an eepSite, as well as general information that can be collected concerning the nodes participating in the I2P anonymity network.
Locating I2P services via Leaks on the Application Layer Project Proposal
While at Phreaknic 14 I did a quick lightning talk on my project to test the anonymity provided by I2P. Mostly I’ll be aiming at web server misconfigurations in eepSites. It starts getting fast at the end because I was running out of time (10 min is kind of short for the subject). Still, I hope it is a good intro to I2P, and my plans.
Common Darknet Weaknesses
Presented by Adrian Crenshaw MCSE NT 4, CNE, A+, Network+. i-Net+ “Irongeek”
Ok, this talk did not come out quite as well as I hoped. I should be able to polish it more before Defcon
Darknets/Cipherspaces such as Tor and I2P have been covered before in great detail. Sometimes it can be hard to follow attack strategies that have been used against them as the papers written on the topic have been academic and abstract. What this talk will attempt to do is step back and give an overview of the topic in a manner hopefully more conducive to the understanding of security practitioners, giving more concrete examples. While little to nothing in this talk will be “new and groundbreaking” it should lead to a better understanding of how encrypted anonymizing networks can be subverted to reveal identities.
Installing the I2P darknet software in Linux
This video is intended to get you started with the I2P darknet software under Linux (Ubuntu 10.10 in this case). I’ve done a previous version that details installing I2P under Windows. I2P (originally standing for Invisible Internet Project) can be seen as a networking layer sitting on top of IP that uses cryptography to keep messages confidential, and multiple peer to peer network tunnels for anonymity and plausible deniability. While Tor is focused more for hiding your identity while surfing the public Internet, I2P is geared more toward networking multiple I2P users together. While you can surf to the public Internet using one of the I2P out proxies, it’s meant more for hiding the identity of the providers of services (for example eepSites), sort of like Tor’s concept of Hidden Services, but much faster. Another advantage I2P has is NetDB, a distributed way to let peers know about each other once initial seeding has occurred. Tor on the other hand uses it’s own directory to identify servers, which in theory could be more easily blocked. Both networks have their advantages and trade offs. This video won’t cover the details of I2P’s peering or encryption systems, and may seem kind of rambling, but it should be enough to get you up and running on the darknet. Welcome to Cipherspace.
Hosting Hidden Services in I2P: eepSites and SSH
Here is another foray into Cipherspace. In this video I’ll show how to get your eepSite up and running, along with pointing an HTTP tunnel to another web server besides the build in Jetty, and also how to host SSH inside of the I2P network.
I apologize for it being somewhat meandering, I was doing the video largely off the cuff. Also be aware that “Hidden Services” is more of Tor’s terminology for much the same concept, in I2P you set up “I2P Server Tunnels”.
Getting started with the I2P Darknet
I2P (originally standing for Invisible Internet Project) can be seen as a networking layer sitting on top of IP that uses cryptography to keep messages confidential, and multiple peer to peer network tunnels for anonymity and plausible deniability. While Tor is focused more for hiding your identity while surfing the public Internet, I2P is geared more toward networking multiple I2P users together. While you can surf to the public Internet using one of the I2P out proxies, it’s meant more for hiding the identity of the providers of services (for example eepSites), sort of like Tor’s concept of Hidden Services, but much faster. Another advantage I2P has is NetDB, a distributed way to let peers know about each other once initial seeding has occurred. Tor on the other hand uses it’s own directory to identify servers, which in theory could be more easily blocked. Both networks have their advantages and trade offs. This video won’t cover the details of I2P’s peering or encryption systems, and may seem kind of rambling, but it should be enough to get you up and running on the darknet.
The video can be downloaded from: http://www.irongeek.com/videos/getting-started-with-the-i2p-darknet.swf
An Introduction to TOR
This video serves as a brief introduction to the use of the Tor anonymizing network in Windows.
The video can be downloaded from: http://www.irongeek.com/videos/tor-1.swf
Setting Up Tor Hidden Services
In a previous video I covered using the Tor anonymity network to browse the web anonymously. In this one I’ll cover the basics of setting up a Tor hidden service. With a Tor hidden service, the true host IP of the service is hidden by the Tor network. Instead of having to hand out the true IP of the server, a service creator can hand out a *.onion hostname that’s not linked directly to them. By setting up a Tor hidden service it becomes much harder for an adversary to figure out where the service is really being hosted from, and thus much harder to shutdown. This is a great thing for people like whistle blowers and political dissidents that want to share information anonymously, unfortunately it’s also useful to pedos so be careful what links you choose to click on the onion network.
The video can be downloaded from: http://www.irongeek.com/videos/tor-hidden-services.swf
Never Ending Security 