Copyright 2006-2008
Patrick R. McDonald <marlowe@antagonism.org> (GPG key)This document last modified Sunday, 18-May-2008 16:12:19 PDT
There is a severe problem in the world today, people in the world do not respect the right of people to have anonymous and private Internet transactions. Quite numerous are the infractions of the US executive branch and its lap dogs. However, it isn't just big brother who wishes the details of your transactions. Little brother (corporate America) is in on the act. Whether it is companies trying to spam you with offers based off your browsing habits or your ISP trying to what you are browsing. Both brothers, big and little, forget a person's transactions are their business until they wish to disclose the act of the transactions (removing anonymity) or the contents there in (removing privacy).
Fortunately, there are open source methods out there to help solve the problem of maintaining the anonymity of the transactions, I2P and Tor . Note, neither of these network solutions, solve the problem of maintaining the privacy of the transaction. Both networks help to anonymize connections through a mix network. A mix network encrypts messages which it sends through a random series of proxies before it reaches its final destination. Each proxy peels off a layer of encryption until all the encryption is removed. This solves the problem anonymity as no node with the exception of the entry and the exit node knows the source and the destination.
The problem with I2P and Tor is one can not access the resources of one network from the other without a specific outproxy. For example, if one has occured their web browser to accecss the I2P network, one can not access resources ending the a .onion URL (Tor resources). If one uses Firefox, one can use a proxy switching plugin such as SwitchProxy or Torbutton. However this solution only works for one browser and requires the user to actively switch to the appropriate proxies. A better solution is to use Privoxy's pattern matching capabilities to send the requests to the appropriate network without user intervention.
To install I2P, follow the instructions located here. Once I2P is installed, you need to start the router. The below example shows how to start the router on a Nix based system. The below example uses /home/marlowe/src/i2p as the directory in which I2P was installed. Make sure to change the commands appropriately.
% cd /home/marlowe/src/i2p
% ./i2prouter start
You can confirm a successful start by connecting to the I2P router by clicking here. This page will cover the basics of I2P and how to configure your system if you simply want to use I2P to anonymize your traffic.
To install Privoxy, follow the instructions located here. Once Privoxy is installed, you need to start it. The below example shows how to start Privoxy on a RedHat based system.
# /sbin/service privoxy start
To install Tor, follow the instructions located here. The instructions after step one cover how to configure Tor to provide your answer browsing. For our example, you will only need to perform the actions in step one.
There are multiple ways to configure Privoxy to allow access to resources on both networks. The first example uses Tor as the main network and uses I2P to access I2P specific resources (.i2p domains). Add the following lines to /etc/privoxy/config to enable anonymous browsing.
forward .i2p localhost:4444
forward-socks4a / localhost:9050 .
The first line tells Privoxy to forward any URL ending in .i2p through port 4444 on the localhost. This is the HTTP proxy for the I2P network. The second line tells Privoxy to forward all remaining requests through port 9050 on the localhost. This is the proxy port for the Tor network.
The second example uses I2P as the primary network and the Tor network to access Tor specific resources (.onion domains). Add the following lines to /etc/privoxy/config to enable anonymous browsing.
forward-socks4a .onion localhost:9050 .
forward / localhost:4444
The first line tells Privoxy to forward any URL ending in .onion through port 9050 on the localhost. This is the proxy port for the Tor network. The second line tells Privoxy to forward the remaining requests through port 4444 on the localhost. This is the proxy port for the I2P network.
For both examples, the following lines need to be commented ("#").
# logfile logfile
# jarfile jarfile
# debug 1 # show each GET/POST/CONNECT request
This prevents Privoxy from recording every request which passes through it.
Now set the HTTP proxy for your web browser to localhost:8118 (or whatever port you have Privoxy listening on) and the SOCKS proxy to localhost:9050 and set the version to 5. Finally restart Privoxy to have it reread the config file. The below line shows how to restart Privoxy on RedHat systems.
# /sbin/service privoxy restart
To confirm your configuration is correct, open your web browser. First attempt to connect to www.i2p2.i2p . If this attempt is successful, the next check is to see if Privoxy sends appropriate requests through the Tor network. Connect to the hidden wiki. If you are successful, you are able to access both the I2P and Tor networks seamlessly.
Copyright 2006-2008
Patrick R. McDonald <marlowe@antagonism.org> (GPG key)