Learn how hackers can use the ICMP tunneling technique to gain unauthorized access to your organization's network and how to take steps to effectively protect against this potential threat.
462 
Anonymity and security on the Internet have become key issues for many users, especially those who actively use file sharing networks such as BitTorrent. There is a way to significantly increase the anonymity of file sharing, and that is to use the I2P (Invisible Internet Project) network. In this article, we’ll look at how BitTorrent can be used over I2P to enable anonymous file sharing. I2P is an anonymous network that allows users to interact on the Internet without revealing their real IP address, which ensures a high level of privacy. When BitTorrent is used over I2P, users are able to exchange files while remaining invisible to outside observers.
In this article, we will explain in detail how to configure BitTorrent to work over I2P, including installation and configuration steps. We’ll also look at the benefits of using I2P for file sharing, including increased anonymity and security. In addition to the technical aspects of setting up and using I2P with BitTorrent, we’ll also focus on security and anonymity. The discussion will include the risks that may arise when using file sharing networks and ways to minimize them. In addition, we will cover the potential legal aspects of using anonymous file sharing networks. The legal regulation of the Internet is constantly changing, so it is important to be familiar with the current rules and regulations. This article will be a useful resource for anyone looking to maintain anonymity and security when sharing files over BitTorrent, especially using the I2P network. With its help, you can set up secure and anonymous file sharing, ensuring the protection of your data and privacy.
BitTorrent supports several modes of operation, which in most cases are combined together: operation through a tracker, PEX (Peer EXchange) and DHT (Distributed Hash Table). About everything in order.
To begin with, it is necessary to explain the basic terminology related to the participants of the torrent distribution:
Banquet (peer) is a general designation for a participant in the process;
Seed, sider (seed) – a feast that has the whole file. Sider is clearly called the user who creates the handout, since at the initial stage only he has the entire file. That is why there is usually only one cider in a new distribution. If you downloaded the file completely and did not leave the distribution, then you also become a sider;
Leech – a feast that downloads the file, but has not yet downloaded it to the end. He can also distribute fragments he has already downloaded to other parties;
Superseed (SuperSeed) – a seed in a special distribution mode, when it gives each downloader only unique fragments of files, thereby forcing other participants to be more active (exchange missing parts with each other).
A tracker is a server to which exchange participants contact in order to publish information about themselves and receive information about other exchange participants. The user, who has not yet downloaded the file, after receiving the list of banquets, knocks on them with a request to give a part of the file. To implement the possibility of fragmented download of a file (rather than sequentially from the first to the last byte in a row), the torrent distribution contains fragments of the hash of the final file. This allows you to download the file in separate parts of different users and check their integrity. The tracker’s mission is to accumulate information about the participants of the giveaway and provide this information to the participants themselves. The torrent tracker does not in any way touch the final file that the sharing provides, it only brings together the distributers and downloaders.
To minimize the consequences of a torrent tracker failure, you can specify multiple trackers when creating a giveaway. In addition, anyone can withdraw a distribution to a new tracker. This way, outages with one of the servers do not take away the ability to download and distribute.
PEX (Peer EXchange) is an extension of the BitTorrent protocol for exchanging peer lists. The implementation is simple: in addition to file fragments, users exchange additional messages that contain lists of participants who have connected and disconnected from the distribution. This helps new users to integrate faster into the file upload process, as there is no need to wait for the distributing node to contact the tracker, where it will receive a list of newbies. Also, for the downloading participant, there is a new source of feasts in addition to the torrent tracker.
Despite its simple design, some BitTorrent clients have their own implementation of PEX that is incompatible with others. In addition, PEX is not a panacea, because it is able to help only those users who are already connected to the distribution (because PEX messages follow the usual BitTorrent protocol in the form of additional packets).
DHT (Distributed Hash Table) is a protocol that allows BitTorrent clients to find each other without using a tracker. DHT is fundamentally similar to PEX, with the main difference being that it works separately from the core BitTorrent protocol.
Each connected BitTorrent client is a separate node in the DHT network. It has its own unique identifier (id) randomly drawn from the same 160-bit space as the torrent information hashes. Each node maintains a routing table containing contact information for many of its “closest” nodes and some more distant nodes. The “proximity” of two nodes is calculated based on the “similarity” of their IDs and has nothing to do with their geographic distance.
When a node wants to find participants for a handout, it compares the information hash of the handout with the IDs of the nodes it knows, and then sends a request to the node whose ID is most similar to that information hash. The next node, in turn, returns the address of the node whose ID is even closer to the infohash of the torrent. Thus, requests from clients participating in a torrent distribution with a certain infohash gradually flow to nodes whose IDs are most similar to the distribution’s infohash. These nodes remember the participants’ previous requests for a specific torrent and will return the addresses of previous banquets from the same distribution to all subsequent nodes that have requested.
The DHT database is maintained by the torrent client regardless of active hands and is maintained until shut down or restarted, regularly accepting requests from other participants and checking the nodes on its list for activity. The DHT database is replenished in any convenient case: when receiving a list of participants from torrent trackers, or from other banquets via PEX or DHT. Thanks to DHT, another way of publishing torrents without specifying trackers has been implemented.
Usually, these free programs are distributed as text links instead of torrent files. This line is called a magnet link and must contain the infohash of the giveaway, which allows you to find the participants of the giveaway via DHT. However, the magnet link may contain the address of the torrent tracker, which in most cases will speed up the search for the group. It should be noted that magnet links and torrent files without trackers are useless if the end user does not have an active DHT connection with which he can find the newsletter with the message of the desired news.
A lot of explanatory material has been created about the basic principles of BitTorrent, therefore, having understood the essence, let’s move on to the main topic of the article.
The idea of sharing files over hidden networks such as I2P is not new. For ordinary users, I2P torrent differs in that it is impossible to block distributions and trackers from providers, since I2P is a hidden network, where the goal is anonymity and cannot be detected. Track traffic sources. The general model of BitTorrent, like any peer-to-peer exchange, involves a direct connection between users. It is this feature that makes normal torrents unsuitable for distributing the files that Big Brother distributors want to catch and punish. For example, in some European countries, much attention is paid to the fight against domestic piracy: games, movies, series. Law enforcement officers, after connecting to the contest, will track the contestant’s IP address in the jailbreak game, after which the user will receive a letter of happiness or a set of police uniform pages, depending on the level of hysteria simulated in the game. land
It is considered unethical to publicly discuss the topic of anonymous file sharing, as our common man knows the circle of people who dream of anonymity: pedophiles, drug addicts, extremists, sectarians, sectarian drug addicts, and so on, follow the latest list on the air of federal TV channels. However, for a free-thinking and healthy person, the sphere of application of anonymous torrents can be drawn easily and without remorse. Think of WikiLeaks and other revelations of inhumanity, which to a sane person is a crime, but the sometimes absurd laws of spreading information about such crimes are already a crime like divulging a state secret. The ability to secretly transfer files in such cases is equal to saving one’s life, health and freedom. The need for anonymity is a broad topic, in which there will be a place for a corrupt official, and a lover of mediocre anime, and whistleblowers of lawlessness, and truth tellers on TV! – To criminals. As for criminals: they do not need this article, they have already been using technologies for a long time and successfully, which in principle cannot be effectively blocked, and therefore prohibited. This material is addressed to a wide audience and is educational in nature, so that free technologies belong to the people, and not to a narrow group of individuals.
Resistance to censorship by Internet providers and anonymity of distribution participants are fully guaranteed by I2P technology. When observed from the outside, it is almost impossible to trace the movement of I2P traffic and therefore its source. All users and servers have cryptographic IDs instead of IP addresses. Identifiers have nothing to do with the physical location of a network member, but allow you to contact them.
There are several BitTorrent clients that can work over I2P. Periodically, new solutions appear or old ones are no longer supported by developers. Be that as it may, all programs in this category are divided into two types: those that can work both through the regular Internet and through I2P, and those that are created exclusively to work through a hidden network.
Using a multi-network torrent client can be dangerous if used improperly, as IP address leaks are possible. For example, the user started downloading something via I2P, but he has active DHT connections from the regular Internet, and his client periodically turns to torrent trackers located outside hidden networks. If a request arrives from a non-anonymous network that contains the infohash of a dubious I2P handout, the torrent application will respond positively and begin relaying the handout from the darknet to somewhere out there, perhaps Big Brother. The consequences of leaking an IP address to a suspicious mailing address are difficult to predict, but nothing pleasant will happen for sure.
On the other hand, cross-network torrent clients can be very useful for intentional cross-network torrent downloads. For example, after downloading a movie from the Clearnet tracker (from a classic Internet torrent tracker), the movie can be distributed via I2P to those who, for some reason, cannot or do not want to use it Traditional torrents. In this case, it is important not to change the owner so that your hash information is identical to the original. This will ensure the maximum number of participants on all possible channels for new users: for those who download only via I2P, and for those who combine sources from different networks. The average bandwidth of an I2P network at the time of writing is 40 Kbps. There are spikes of 100 Kbps depending on the situation, but in general with a standard tunnel length (ingress and egress tunnels have three transit nodes by default) the speed ranges from 20 to 50 Kbps. /S.
It turns out that the actual bandwidth of sid is not critical, it delivers files of a particular user at speeds of up to 100 Kbps. This is the speed of a particular peer connection, which depends on many factors inherent in I2P, such as the quality of transit nodes and their number between users. The speed will be determined by the worst member of the chain. The Licher in the I2P torrent distribution plays an important role in accelerating the entire swarm (the set of all participants in the distribution is called a swarm).
Although the average connection speed is low, popular I2P torrent downloads and distributions reach speeds of up to 2 MB/s, which is possible due to the collective factor: people involved in torrenting have uploaded segments to each other, creating new connections from time to time. A large number of slow connections provide a high overall speed, like streams that join to form full-flow rivers. Indeed, the BitTorrent protocol was created specifically for file distribution, and its architecture is fully I2P compatible.
A list of existing torrent clients that support I2P can be found in the i2pd documentation. If you think the list is incomplete, you can supplement it. In the framework of this material, only I2PSnark will be highlighted, since it has been the best solution for I2P torrents for many years. In addition to decent functionality, it is an I2P-only client, that is, it can work exclusively through the I2P network, which saves inexperienced users from the threat of IP address leakage.
I2PSnark appeared almost simultaneously with the I2P network itself (~2003). To this day, it is part of the Java I2P router, which includes a number of applications in addition to the main function of connecting the user to a hidden network. I2PSnark interacts with an I2P router using the I2CP protocol, which is supported in the i2pd lightweight and fast C++ router alternative. To use I2PSnark separately from the Java router, you must use I2PSnark standalone. You can build the binary yourself from the source code, or use the build from the I2P+ project, which is a soft fork of the main I2P router with minor changes. The direct link to download the I2PSnark standalone binary is on the mentioned i2pd documentation page.
Java programs require a special runtime environment on your device (Java Virtual Machine) to run. You can install Java on any modern operating system. Download the latest release for Linux, Mac or Windows from the official page.
Before using I2PSnark standalone, you need to enable the I2CP interface, which is disabled by default in i2pd. This is done via the i2pd.conf configuration file: uncomment the enabled = true line in the [i2cp] section and restart i2pd.
To find out where to find the configuration file on your system, refer to the main page of the i2pd web interface, which by default is available at http://127.0.0.1:7070. Look at the Data path line.
The downloaded I2PSnark standalone archive contains launch-i2psnark and launch-i2psnark.bat files. Use the bat file to run on Windows and the file without the name extension in any other case. When using on unix-like operating systems, remember to make the file executable (chmod +x launch-i2psnark) before launching.
Interacting with a running I2PSnark is via the web interface available by default at http://127.0.0.1:8002. It is intuitive and easy to learn. To change the language to Russian, go to the settings (the lowest button, the gear icon), in the “User interface” section, change “Language” and click the “Save Configuration” button below.
Pay attention to the “Tunnel Configuration” section, which is responsible for incoming and outgoing tunnels.
Hops are the length of tunnels in transit nodes. The greater the length, the more anonymous and slower the tunnel. By default, three-hop tunnels are used, but for domestic use it is quite normal to put two or even one hop.
It is possible to run multiple instances of I2PSnark on the same device: short tunnels for distributing and downloading normal content, and long tunnels for handling more sensitive material. To do this, copy the entire I2PSnark folder and change the jetty-i2psnark.xml file in the copied directory: find the value “port” and change the port number on which the web interface will be available.
For example, one instance of I2PSnark might use port 8002 and another might use port 8003. To make it more difficult to confuse which instance you have open in your browser (with long or short tunnels), use different skins.
Note: I2PSnark changes its I2P ID every time it is launched, which is visible to other file sharing participants.
To join the giveaway, open the add menu (the top button with the plus icon).
In the “From URL” field, you can paste a magnet link or a direct path to a .torrent file on your file system. The “Data directory” field indicates the path where the downloaded files will be stored. Click “Add torrent” to start downloading.
I2PSnark also supports maggot links, a type of magnet featured in the Robert I2P torrent client. Today, Robert and his habits are no longer useful. Today, the term “worm bond” is mostly used as a misnomer for standard magnets.
The second, in some cases more complicated, option allows you to add torrents without using the web interface: add the torrent file of the desired distribution to the main directory of the I2PSnark file repository. By default, I2PSnark stores torrents and downloads in a subfolder with the same name as i2psnark/i2psnark. When you add a new torrent file to this folder, the program will select it and automatically start the download process within a few seconds.
To create a new torrent, you need to use the button with the magic wand icon. All we need is to specify the full path to the file or folder to be distributed in our file system and select a tracker that will be immediately added to the distribution. If you create a document without using a tracker, the party will only have DHT. If you do not know how to do this, go through each offered tracker and choose one of them as the main one. As a rule, the main one is Postman, because it is the oldest classic torrent tracker with a forum (http://tracker2.postman.i2p ).
After clicking the “Create torrent” button, a distribution will be created, which will appear in the general list. For convenience, it is recommended to add the files being distributed to the default I2PSnark folder so that everything is in one place.
The finished torrent file will appear next to the rest of the torrent files, from where it can be taken for posting on the forum or direct transmission to anyone. Clicking on the name of the hand in the I2PSnark web interface will open a window with information.
In the upper right corner you can find the infohash of the handout, the magnet link (magnet icon) and the link to download the torrent file (far right). When you click on the icon of the torrent file, you will be prompted to download the file located in the indicated place. To transfer a magnet link, right-click on the corresponding icon and copy the link to which it leads. This is a magnet link that is ready for publication.
Once you’ve created a handout that you really think is important, try to maximize the sitting time to download the files for at least the first few banquets. After downloading someone else’s hand, don’t go right away, play around if time and disk space allow. Gentlemanship is appropriate everywhere.
Familiarity with I2P torrent trackers is beyond the scope of this article and falls entirely on your shoulders. However, there is nothing complicated: design the handouts expressively, informatively and beautifully.
Seedbox (seedbox) – a device that serves for constant distribution of files. As a rule, it is collected from single-board computers and external HDDs. However, any device capable of simultaneously running an I2P router and a torrent client with the maximum possible uptime and disk space will do. Seedboxing includes not only the constant distribution of your files, but also the support of other people’s distributions at least during the release week. This is a kind of subculture, turned on the free exchange of information, imbued with altruism and price tags for hard drives.
Someday, we enthusiasts will get to a detailed review of the successful assembly of a seedbox from sticks and insulators, but for now we will limit ourselves to tips:
The minimum amount of RAM of the device to run i2pd and I2PSnark is 512MB, comfortable with a spare – 1GB.
In the long term, active distribution of torrents has a bad effect on the life of hard drives, since torrenting involves active work with the disk with a constant change of read locations. Especially if there is a simultaneous distribution of many participants. As a result, you should prefer several disks of smaller volume than, for example, one disk of several terabytes. This will increase the overall performance of the system, and the failure of one disk will lead to a complete loss of information. Unless, of course, you end up using RAID – systems of mirroring drives between each other to prevent information loss when one of them fails.
Due to the possible failure of disks, it is desirable that the operating system is on a separate physical disk than where the torrent content is stored. This is especially acute for single-board computers, where the operating system runs on an SD-drive, which itself is not famous for durability.
The topic of seed boxes based on budget single-payer devices becomes especially relevant in light of the news about the release of the Linux kernel 5.15 with support for SMB and NTFS, which opens new horizons for weak hardware, but this is a topic for a separate conversation.
Decentralization and the development of free technologies are not possible without the participation of ordinary people. If we don’t want to depend on file sharing policies and ISP restrictions, everyone has to do their part. In the early stages of the popularity of I2P torrents, seed boxes were an important element that contributed to the development of the technology. Today, torrenting on hidden networks is popular in countries where the situation demands it. The practice of bans and fines is gradually spreading to other areas. Ask yourself, can you spare a few thousand rubles to buy a single-board computer and a couple of hard drives to organize your seed box? Even if you have not used Linux and do not understand what an SSH connection is, believe me, participating in a fun game of free technology and publicity will be worth all the time and effort spent on it. In my opinion, the culture of free software and the hidden network allows each user to become an equal participant, a guardian of technology and information, which is no worse than the plan of a daily online game. start, but there is one big difference: you do not degrade, but grow.
462 
391 
409