Every Internet user, when browsing the web, leaves behind many more “traces” than he thinks. Sometimes their data is collected for statistics or accounting, and sometimes it can end up in the hands of criminals. But progress does not stand still. The development team created and launched the i2p project, which is a kind of antidote for curious sites and people. Now it remains to consider the question of how to use i2p.

So, i2p stands for Invisible Internet Project and is translated as “Invisible Internet Project”. With its help, you can create an encrypted network and remain anonymous when performing any actions on the Internet. The principle of operation is as follows: the user runs a program on his computer that works as a proxy server. All traffic is sent first to this proxy. We can say that i2p is a kind of intermediary between the computer and the end point of information delivery. At the same time, traffic entering this intermediary is encrypted by the gateway. Thus, already encrypted, protected traffic arrives at the endpoint.

It is worth noting that all information sent as a packet, when using such a proxy server, is divided into several packets and sent through random channels that change every minute. And the IP address itself will be replaced with a random one cryptographic key. That is why it becomes almost impossible to establish which computer was the sender.

Is it worth using i2p?

Such a project may be of interest to those for whom the following is important:

• inability to determine the IP address from which certain information was sent;
• inability to track actions;
• lack of DNS servers;
• dividing outgoing traffic into packets and sending in parts;
• encryption of outgoing traffic;
• lack of censorship;
• the ability to use anonymous email;
• the ability to visit anonymous sites;
• the ability to anonymously transfer data, for example, torrent files;
• the ability to anonymously use instant messaging services (IRC and Jabber or an alternative service);
• the ability to visit uncensored sites.

What services are built into this program?

• Mail - classic mail with many settings and the ability to use any mail client;
• Bote - analogue of mail;
• IRC - chat;
• Jabber - chat;
• Messenger - “branded” chat;
• Speedtest is an analogue of the well-known speed meter;
• Rapidshare - file sharing service;
• Privacybox;
• Radio - actually, radio.

Users of which operating systems can install “invisible Internet”?

At the moment, such a proxy server is compatible with most popular operating systems, and can also work even with weak PCs, since it is not a resource-intensive application. So, owners can install it:

• Windows;
• MAC OS X;
• BSD, Linux, GNU, Solaris;
• Ubuntu, Debian;
• Android.

Setting up i2p

In general, to work on the anonymous Internet you need:

• download and install the i2p program;
• configure the browser to work with the program through a proxy;
• run the installed program;
• launch the configured browser.

First, download the program itself - i2p can be downloaded from this website. Select the one you need installation file, depending on our operating system, and download it to your computer. The figure shows an example of using Windows.

After the program has been downloaded, you need to check Java version Runtime - it must be at least 1.5. But you don’t have to bother with checking it - the program itself will tell you everything. Let's look and do it.

Let's launch the installer. Let's start the installation. Click the “run” button.

Click OK. We are transferred to download Java.

Click the big red download button. A window pops out.

We agree to the terms - just click the button and download the toad installation file, i.e. (forgive me, Lord) Java. let's launch it I won't tell you in detail how to install such a product, because... everything is quite simple. Those who failed can write in the comments.

Let's look at an example of working in a browser.

You need to go to your browser settings, select network/proxy settings there and install an HTTP proxy server by entering the IP address 127.0.0.1 and port 4444.

Let's look at this action in detail (with pictures).

In the upper left corner of the browser, click Firefox, then “Settings”, in the opened context menu click “Settings”

On the “Network” tab, click the “Configure…” button.

Then press the radio button “ manual setting proxy server." We enter the IP address 127.0.0.1 and port 4444 in the appropriate fields.

And click OK.

The next step is to install a proxy server on your computer.

Launch the downloaded router program. A window pops up.

Click OK. And we continue setting up.

Click “Completed”.

After installing the program, launch it. Our face will be revealed, i.e. router console.

You can do nothing in this console. Just checking what we have installation in progress as it should.

Now look, if the green dot “Collective channels” lights up in the panel on the left, then the setup is complete. But what to do next will be discussed in the next article.

I2p is a program that is easy to install and does not require specific knowledge to use. It allows you to remain anonymous online, which significantly increases security and personal comfort. It should be noted that the program will work even if the number of users is two. Well, as the development of the program and service continues, you can expect many new and pleasant features.

I2p is an anonymous network for invisible access to the Internet. Most often it is used to protect data transfer. Using I2p is possible on regular computers and on Android devices. To access the Internet invisible, you need to install special program to your computer. The program is distributed free of charge and is available on the official website of the developer.

At its core, the I2p network is not direct access to the Internet. All requests pass through so-called “tunnels”, which ensure anonymity and data protection.
In this article we will look in detail at how to download and install the I2p program on your computer, what settings you need to make in order to be able to visit sites anonymously.

1. To download, go to the official website geti2p.net.
2. On home page you will see a big green button “Download I2P version 0.9.33”, click on it.
   
3. The next step is to download the version of the program for your computer. Currently you can install I2p on Windows, MAC, Linux, Debian and Android.
   Choose the appropriate version, for example, for Windows. Download the file by clicking on it.
   
4. The corresponding file will begin downloading to your computer; in this example, we will look at installing I2p for Windows. The file size is 17.6 MB.
5. Wait for it to finish downloading and go to the “Downloads” section on your computer. Find the downloaded file there and double-click on it to start the installation.
   
6. The program will ask you to select a language; the default is Russian. Click OK.
7. A welcome message from the program will appear, click “Next”.
   
8. The program will prompt you to read the rules, click “Next”.
   
9. The next step is to select the kits to install. Check the boxes as indicated in the picture below and click “Next”.
   
10. Select the installation directory - by default, the program will offer to install the installation on drive C, click “Next”.
    
11. Confirm the creation of the installation directory by clicking “OK”.
12. Now you need to configure the creation of shortcuts. Everything here can be left as default. If desired, you can create an additional shortcut on the desktop by checking the appropriate box and clicking “Next”.
    
13. The program will begin installation, the whole process takes just a few seconds. After 2 blue completely filled stripes appear, click “Next”.
    
14. The I2p installation is complete, to close the window, click on the “Complete” button.
    
15. To open the program, go to the “Start” section and click “Start I2P”.
16. In just a few seconds it will open on your computer. Internet Explorer with the router console.
    

I2p setup

You will see basic recommendations for setting up your router immediately after opening the program in Internet Explorer. They are located in the topmost window. Here you can find a small instruction, as well as links to the “FAQ” section on the developer’s official website.
First you need to go to network settings and set a speed limit that matches your internet connection.

How to fix errors

Here you should pay attention to the following parameter - the “OK” icon should appear in the “Network” column. This means that all settings are correct and the router is ready for use.

If any error is displayed in the “Network” column, it must be corrected. Very often the error “Blocked by firewall” appears. In this case, you need to go to the network settings in the “Network” section and check whether you have the checkbox next to the item “Use UPnP to automatically open ports on the firewall” checked. If this checkbox is checked, but the error does not disappear, then you need to go to the router settings and make the necessary changes there.

To do this, go to the settings of the router that you use to connect to the Internet. Find the item “UPnP Settings” in it. Here you need to enable UPnP and save the changes.

After making changes to the router, go and update the I2p console. The error should disappear. Opposite the “Network” item, the inscription “OK” should appear.

I2p library

The entire anonymous I2p network is completely decentralized and does not have a single database. When installing the program, each user must independently download and update their address book. Initially, there will only be about 400 sites on the I2p network, so new libraries need to be added to it. To do this, go to the “Subscriptions” section.

You need to insert additional libraries into the “Subscriptions” column and click on the “Save” button. The I2p network developers themselves provide 3 libraries by default. However, on various forums and sites on the Internet you can find a much larger number of different libraries.

How to increase speed and traffic

To do this, go to the “Traffic” section, to the “Speed ​​Limit” item. The default here will be 40 kilobytes per second, you need to change these numbers by simply adding a 0 at the end. When using an I2p network, you should always remember that your computer, once connected, will also participate in transmitting traffic to other users. Even when you do not use the network and do not open sites on the Internet. After connecting to I2p, your computer will also be a chain in the distribution and transmission of traffic.

To regulate the data transfer speed, you can change the figure in the “Share of transit traffic” column. The higher the percentage set, the higher the data transfer speed will be.

Adjusting the length of tunnels

To regulate tunnels, go to the "tunnels" section. A special panel will open in which you can set the length of incoming and outgoing tunnels. Here you can set different tunnel lengths, depending on your goals. On average, 2 tunnels are enough to ensure anonymity and good speed of opening sites.
It should be remembered that the longer the tunnel, the higher the anonymity and the slower the sites will open. If you want to get greater anonymity, then you need to increase the tunnel length. If it is important for you that the site opens quickly, then set the tunnel size to medium or small.

In the light total surveillance Many users are looking towards solutions that allow them to hide their private lives from prying eyes. The two most popular options are Tor and I2P. Tor has appeared on the pages of the magazine more than once, and with its reliability, in principle, everything is clear - the developers themselves write that it does not grant one hundred percent anonymity. But today we will have to figure out I2P on our own - is this thing really as reliable as many people think?

A little history

In the early 2000s, there were many P2P networks, the practical application of which was file sharing. The copymasters were furious because everyone was involved in distributing the files at once. Attempts to arrange a “demonstrative flogging” of individuals only led to colossal expenditures of time and money with zero final result. For those who were afraid of being among the “throwaways,” the Freenet network was proposed, the key idea of ​​which was the exchange of encrypted blocks of data, while the participant had no idea what kind of data it was if it was not intended for him . Although the network provided other services, such as completely anonymous forums, in fact everything came down to downloading files.

I2P tasks

The main tasks of I2P are as follows:

1. Hide the location of eepsites.
2. Hide the location of clients connecting to eepsites, including from the sites themselves.
3. Make it impossible to restrict access to sites by providers and/or backbone nodes.

Over time, all file sharing moved to torrents. As a result, the idea arose of developing Freenet in the direction of the “invisible Internet” - an anonymous network over existing internet. This is how I2P was born. For a long time the project was of interest only to its creators and a certain number of geeks. Soon the struggle began to be waged over the information itself, since, on the one hand, the majority of people began to use the Internet, and on the other hand, the Internet turned out to be a place for the exchange of information not controlled by anyone. It became clear that this could not continue for long, and a new wave of interest in such projects arose.

WARNING

All information is provided for informational purposes only. Neither the editors nor the author are responsible for any possible harm caused by the materials of this article.

I2P and Tor

The “trigger” that aroused mass interest in the “invisible Internet” was the legislative restriction of access to information resources in a number of countries, as well as Snowden’s revelations about surveillance of everyone. Of course, many did not like this: indeed, why on earth is it unclear who will decide for an adult capable person what information he should receive and what not. As for surveillance, it is not pleasant to anyone at all. Realizing this, the average person rushed to look for the two magic buttons “Bypass censorship” and “Hide from surveillance.” And he received such “buttons” in the form of special browsers or browser plugins for the Tor network. Technically literate people paid attention to the I2P network as an alternative to Tor. Since you, dear reader, are a technically literate person (otherwise why would you need a “Hacker”?), then after reading this article you will understand what problems the I2P network solves and how it does it. You should pay attention to the main difference between I2P and Tor: Tor’s main task is to hide the true IP address of the client accessing the server. By and large, servers do not care about how clients connect to them - rather, Tor is an extra headache for them because of hooligans, while in the case of I2P, on the contrary, the owners of servers (eepsites) host them anonymously, and clients are forced to use I2P if they want to access these servers. Thus, Tor is a network of clients, and I2P is a network of servers. Of course, there are onion sites in Tor and exit nodes in I2P, but these are rather side technologies.

Myth busters

There are several popular myths about I2P floating around the Internet that many people believe. We will dispel them. Myth 1: the more participants, the faster the network works. But in fact: everyone new member must keep its database up to date, so the network, and especially floodfills, will simply choke in the flow of such requests. As a result, some nodes will simply become inaccessible to other nodes. Myth 2: the higher the share of transit traffic, the higher the anonymity. But in fact: I2P operates with separate packets, so real tunnels are not built on top of the regular Internet, as, for example, in a VPN. For each package, select suitable way delivery, regardless of whether it is your own package or a transit one. The provider sees the participant’s activity as an exchange of encrypted packets with different addresses, chosen rather haphazardly. In this flow, in addition to tunnel messages, there are a large number of messages transmitted directly. On the other hand, a node can see part of the transit traffic if it is the end of the tunnel and not an intermediate node, in which case from the outside the transit tunnel looks exactly the same as its own. Myth 3: Tor uses multi-layer “onion” encryption, while I2P uses more advanced “garlic” encryption, in which a message consists of several “garlics” intended for different nodes, while a node can only decrypt its own “garlic”, the contents of the others he doesn't know. But in fact: initially it was planned this way, however, due to the need to use tunnels in “outgoing - incoming” pairs, it was necessary to encrypt the entire “garlic”, and not each “garlic” separately. Indeed, the message, clearly called “garlic,” consists of “garlics,” but since its structure becomes visible only after decoding, the “garlics” actually degenerate into fragments of tunnel messages. What real “garlic” encryption should look like can be understood from the mechanism for creating tunnels: a message consists of several records, all of which are encrypted except one, intended for a given node; he re-encrypts the message with his key and sends it on. Naturally, the next node is assigned a different message record. Thus, the declared “garlic” encryption is used in only one message, which is used relatively rarely, while the main data stream uses conventional multi-layer encryption: intermediate nodes each encrypt the message with their own key, and the owner decrypts it using these keys sequentially.

How do I2P participants find each other?

Let's start by looking at the mechanisms built into I2P that allow participants to find each other, and try to find potential vulnerabilities in them. Each I2P node is identified by an I2P address, which is two pairs of public and private keys randomly generated at node creation, without any correlation to the IP address or location. There is no central source of addresses; it is assumed that the probability of two randomly generated addresses matching is negligible. One key pair is used for asymmetric encryption and the other is used for signing. The owner of the node is the one who has a file with a complete set of keys, 660 bytes long. This file is located on the owner's computer and is not transmitted over the network. Two public keys and a 3-byte certificate (currently always null) form a 387-byte node ID, by which the node becomes known in I2P. Since the full 387-byte identifier is quite inefficient for comparing, sorting, and transferring data, a 32-byte SHA-256 hash of the identifier is used to identify a node. The Base32 string representation of this hash is the address in .b32.i2p addresses. But what if only the hash is known, but you need to know the public keys contained in the identifier, for example, for encryption or signature verification? For this purpose, there is a network database (netDb) - not a very good name; it would be more correct to call it a network database, but this is already established terminology.
Each participant has their own database, and one of the tasks of the client program is to keep the database up to date. If a node with the desired hash in local base is not found, then you should ask other nodes about it; if the requested node has an address in the database, then it will respond with information about it, otherwise it will return a list of three other nodes where, in its opinion, the address may be. That is, to find out information about a node, you need to know at least its hash - the ability to download a list of all currently known nodes is deliberately absent. A “probing” mechanism is also provided, in which a request for a randomly generated hash with a special flag is sent, and then the node will return a list of three nodes present in its database, whose hashes are most “close” to the requested one, thereby allowing you to find out about new participants.

We deceive newbies

Having a local database allows a participant to access the network immediately without having to access node directory servers, as is done in Tor (because of this, the Chinese government was able to shut it down in 2010, blocking access to directories). However, such decentralization has one significant drawback: in order to receive information about new nodes, some nodes must already be present in the local database. This means that when you first start, you will have to download them from somewhere. This process is called “seeding” and consists of downloading files from large number hard coded sites. It is enough to block access to these sites, and new nodes will not be able to start. True, in this case, for the first launch, you can simply take the list of nodes from someone else. It is much worse if access is not blocked, but redirected to sites with a fake list of nodes - thereby the new node risks ending up in a network isolated from the rest, and no simple way recognize this situation. To their credit, the developers understand the scope of the problem and are working to distribute the initial list of nodes in the form of an archive signed with their key through various channels.

Invisible Internet

The I2P network consists of two types of nodes: routers, which in addition to I2P addresses have regular IP addresses and are visible on the regular Internet, and nodes located behind the routers and do not have their own IP addresses - they form the very “invisible Internet”. Routers are represented in the network database by the RouterInfo structure, in addition to a full identifier containing one or more external IP addresses and available protocols, as well as a list of capabilities of this router, the most important of which is floodfill. Floodfill routers serve as a kind of “bulletin boards” where nodes publish information about themselves and where client requests come. To avoid tampering, the data is signed with the key included in the address. Since information about the router changes quite rarely, the corresponding files are saved on disk and loaded into memory at startup. A normally functioning I2P client should have about several thousand such files.< This is what the RouterInfo file of a typical floodfill looks like. The “Invisible Internet” is represented by LeaseSet data structures containing a full identifier, an additional encryption key and a list of tunnels leading to the router with this node. Although routers themselves have incoming tunnels, they never form LeaseSets: routers should always be accessed by establishing direct connections with them, and tunnels are used only to receive responses to requests. Since the lifespan of one tunnel is ten minutes, LeaseSets also exist for a short time and therefore are not saved on disk, but are re-requested again upon restart. Tunnels and the encryption key from the LeaseSet are the only way to access an “invisible” node, that is, knowing the address, you should first request its LeaseSet from the floodfill closest to it and then send a message to one of the tunnels. To receive a response, you need to create your own LeaseSet, which can be sent along with the message or published on the nearest floodfill. The inability to determine which router is hosting a particular LeaseSet is the cornerstone of I2P anonymity technology. Accordingly, most cybercriminal attacks are aimed at solving the opposite problem. To this end, I2P uses strong cryptography to transmit information, hiding data from particularly curious providers of different levels, and successfully used electronic signatures make the network resistant to man-in-the-middle attacks.

Intercepting tunnels

To ensure anonymity within I2P, tunnels are used, which are chains of routers through which messages are transmitted. There are outgoing and incoming tunnels. Outgoing is designed to hide the location of the sender, while incoming is intended to hide the location of the recipient. Therefore, LeaseSets are a list of input nodes and identifiers of incoming tunnels; information about outgoing tunnels is not published. The location of the second end of the tunnel is kept secret. To receive responses, the client sends its own LeaseSet to the server. Which way the tunnel is laid and, accordingly, at which node its second end is located, is known only to the creator of the tunnel. All intermediate participants in the tunnel know only the next node to which the reencrypted message should be sent. But this is in theory - in practice, intermediate nodes also know where the message came from, because messages between nodes are transmitted over the regular Internet and it is not difficult to find out the sender’s IP address. Further, if the database size is sufficient, you can also find RouterInfo. Thus, if intermediate node If the tunnel belongs to an attacker, he will immediately recognize his two neighbors, which compromises one- or two-step tunnels, since it allows the entire chain to be tracked. Theoretically, it is possible to increase the length of tunnels up to eight nodes, but practically every additional node sharply slows down the speed and reliability, since the presence of a node online for the entire lifetime of the tunnel is not guaranteed. That's why I2P currently uses three-step tunnels. Thus, to successfully de-anonymize a node, an attacker should find out the route of any of the tunnels at any time - for this it is enough that two nodes of one tunnel are accessible to the attacker. With the current network size of several thousand nodes, such a scenario is quite within the capabilities of large structures. If the previously described interception of reseeding will help little in de-anonymizing servers, since servers select nodes of incoming tunnels themselves, then to identify clients visiting “unreliable” resources, this method ideal: all nodes, including output nodes, used by the client to build its outgoing tunnels, will a priori belong to the attacker. Thus, it will immediately become known where the message intended for some incoming server tunnel came from.

Attack by exclusion

For those who do not have sufficient resources to capture a large number of nodes, but have time and patience, another method is suitable. Its goal is to sharply narrow the circle of “suspected” routers (with proper luck, even to one) on which the desired node may be located. The possibility of carrying out such an attack is due to the P2P nature of the I2P network - most of the network’s routers are not online 24 hours a day, since they are located on the computers of its participants. On the other hand, the features of I2P are exploited:

1. The tunnel's lifetime is ten minutes.
2. A node does not participate in the tunnel twice.
3. To build a tunnel, a new sequence of nodes is selected each time.

Before launching an attack, the attacker collects a fairly extensive database, assuming that it also contains the router of the attacked node. Next, it begins to constantly contact the attacked node with a request that expects to receive a response. This can be done unobtrusively, the main thing is that the request and response are ongoing, thereby the attacker determines the time intervals when the attacked node and, accordingly, its router are online. At the same time, the remaining routers are polled by establishing a direct connection, sending some kind of request, or creating a tunnel. This is done en masse for the shortest possible period of time. Those routers that turn out to be inactive while the attacked node shows activity are removed from the list, and vice versa - active routers are removed when the node is inactive. If the attacked node is active all the time, then eventually the list will consist of constantly active routers. And it may turn out to be quite large. This is where the features listed above come to the aid of an attacker: the input routers of tunnels included in the LeaseSet of the attacked node are obviously not its router and can be immediately excluded. The LeaseSet is updated at least once every ten minutes and typically contains five tunnels. 30 nodes will be excluded in an hour, 720 in a day, so searching through a list of 5 thousand nodes will take no more than a week.

Identifying neighbors by the smell of garlic

To ensure anonymity on both sides, tunnels are used in pairs: the sender's outgoing tunnel and the recipient's incoming tunnel. Since tunnels are created independently of each other, the output and input routers at the junction of the tunnels see unencrypted transmitted data. Therefore, an additional level of encryption is used on top of the tunnel one - a special “garlic” message, fully encrypted and intended for the end nodes in the chain. The problem is that the host router, not the host itself, is responsible for decrypting such messages. Thus, the encryption key present in the full identifier is not used; instead, the LeaseSet contains a separate encryption key generated by the router on which the LeaseSet is located. In this case, the key must be the same for all nodes located on the router, even if each LeaseSet uses its own set of tunnels. It cannot be otherwise, since the “garlic” message must be deciphered before it becomes clear to whom this or that “garlic” is intended. As a result, the initially sound idea of ​​“garlic” data transmission took on such an ugly form when transmitted through a couple of tunnels. Thus, the encryption key published in the LeaseSet is the unique identifier of the corresponding router. It is enough to compromise any of the nodes to also compromise all the others, including client ones. To carry out this attack, the attacker should launch one or more floodfills, where nodes will publish their LeaseSets.

Conclusions

Summarizing the above, we come to the conclusion: I2P anonymity in its current state is only basic in nature, allowing one to hide only from passive surveillance, such as the collection of marketing information. Of course, carrying out these types of attacks requires serious resources, such as high-speed servers and specialized software, but if someone really needs it, they can reveal anonymity quite quickly. Increasing the number of nodes in the network could solve this problem, however, with the current organization of the network, this will lead to its actual collapse. At the same time, I2P is perfect for building “indestructible” resources, access to which cannot be limited in principle.

I2P– An anonymous network created in 2003 by German developers. Unlike and is not spammed by sites with dp. There is a more adequate public, but it seems to be temporary. It was created with the goal of complete anonymity, and they succeeded. All traffic goes through “tunnels” through the same network participants. The network does not have name servers (DNS); all information about sites is stored in address books, updated like a torrent network. There is no point in telling why you need this network; if you need to go there, you know why. At the end of the article you will find a video that tells you how to connect to the i2p network.

I2P sites

Everything went according to plan and now you can open and use sites i2p I will describe some of them:

• http://forum.i2p/ - forum i2p with Russian section
• http://hiddenchan.i2p/ - Hidenchan. Russian-language imageboard
• http://rus.i2p/ – Russian i2p WIKI - basically describes the capabilities and network of i2p, there is a list of Russian-language sites.

Problems and errors

Main problems and their solutions. If you have any questions, you can use

I2P(Invisible Internet Project) - a decentralized anonymous network. Like TOR, only better, because it will not allow you to deanonize the user even if some of the intermediate nodes are compromised. Decentralization means that the operation of I2P does not depend on any central nodes or “supernodes” (for example, there are no DNS servers or their analogues).

How to use

First of all, you should install the package i2p

sudo apt-add-repository ppa:i2p-maintainers/ i2p sudo apt-get update sudo apt-get install i2p

Then you need to launch the software router to connect to the I2P network. If you plan to rarely use this network, you can launch it with the command in the console (on behalf of your user, without sudo):

I2prouter start

If the java service wrapper (http://wrapper.tanukisoftware.com/) is not used or the previous command does not work, then the launch is performed with the command (do not use sudo and do not run as root):

I2prouter-nowrapper

If access to the I2P network is required constantly, then perhaps you should run the I2P router as a daemon. To do this, you need to run the command to reconfigure the i2p package in the console:

sudo dpkg-reconfigure -plow i2p

which will display a text interface in the console with the ability to select parameters, such as allowing the I2P router to start as a daemon at system startup, the memory limit for the I2P router, etc. Upon completion of the reconfiguration, the I2P router will be launched as a system daemon.

If the I2P router was launched on behalf of the user, then after a while the local address http://127.0.0.1:7657/home - “I2P router console” - will open in the default browser.

Now let’s explain to the system (and the browser as well) that addresses like example.i2p need to be accessed through the localhost:4444 proxy. Create a new proxy.pac text editor, paste there:

function FindProxyForURL(url, host) ( if (dnsDomainIs(host, ".i2p" ) ) ( return "PROXY 127.0.0.1:4444" ; ) else ( return "DIRECT" ; ) )

Save. Open “System Settings” → “Network” → “Proxy Server”, in “URL” automatic settings» indicate the newly created file. All.

Attention! The method described above is not secure from an anonymity point of view. It is better to select a separate browser and specify only i2p in the proxy settings. And also disable access to regular web resources - clear the “List outproxy(x)” field on the page http://localhost:7657/i2ptunnel/edit.jsp?tunnel=0

It is worth remembering that due to the nature of the network architecture, I2P does not immediately start working; you need to wait until your computer is more or less integrated into the network (several minutes or more).

i2prouter is controlled via a web interface.
http://localhost:7657/config – settings
http://localhost:7657/tunnels – tunnels

I2P on a dedicated server

This instruction is relevant for home server located in one local network with a local computer. For VPS/VDS you need to make adjustments to this manual

Installation is carried out in the same way as on local computer. After installation, you need to make a tunnel from port 7657 to port 7657 of the server.

ssh user@ server -L7657:127.0.0.1:7657

If the server shell prompt appears in the console, the I2P Web interface will become available at localhost:7657

sudo nano /var/lib/i2p/i2p-config/clients.config

Find a similar line there

ClientApp.0.args=7657::1,127.0.0.1 ./webapps/

and bring it to this form

ClientApp.0.args=7657 192.168.1.2 ./webapps/

Where 192.168.1.2 is the IP of your server. Then you need to restart I2P and wait until it starts. If all settings are completed correctly, the I2P web interface on the server will become available at http://server-ip:7657/.

Proxy from any IP

File sharing

Today, the exchange of content of varying degrees of legality is the main application of I2P. There are a number of specialized programs for this, for example, Robert and iMule (the I2P version of aMule).

Installing iMule

Install the dependencies (I only needed one):

Sudo apt-get install libcrypto++9

Download the latest version of iMule and install it something like this:

Dpkg -i imule_2.3.2.0-precise-amd64.deb

We launch it, on the KAD tab in “Initialization” - “From URL” we indicate, for example, http://echelon.i2p/imule/nodes.dat, press Enter. We are waiting for the file to download. After that, don’t forget to wait a little longer, and you can use it.

For some reason, my program does not connect to KAD every time, it helps to close it and start it again.

Troubleshooting

This section will describe possible problems with the launch and operation of iMule.

When the program starts, nothing happens; if you run it through the terminal with the imule command, the following error is displayed:

imule: error while loading shared libraries: libbfd-2.22-system.so: cannot open shared object file: No such file or directory

It can be fixed by creating a symbolic link to a library existing in the system, but under a different name:

sudo ln -s /usr/ lib/ libbfd-2.22.90-system.20120924.so / usr/ lib/ libbfd-2.22 -system.so