Index ¦ Archives ¦ Atom

Alternative Networks for this site - I2P

I've been very interested in all the different censorship resistant that seem to have sprung up over the last few years so I thought I'd have a look at hosting this site on them. It seems like the ideal site to try them out with because I use pelican to generate static html files and they should be fairly easy to host anywhere.

The some of the networks I've looked at recently are:

and this week I've started running Exotic Security as an I2P eepsite1 it's now available at:

http://xotc.i2p

or

http://gqgvzum3xdgtaahkjfw3layb33vjrucmw5btyhrppm463cz3c5oq.b32.i2p/

I've used I2P for a while now and it's fairly similar to its more popular cousin Tor although there are a few notable diffrences. The ones that stand out for me are:

  • I2P was designed was a global passive adversary in mind. Someone who can watch the whole network, every packet that goes in and every packet that comes out. So it uses tricks like constantly sending some amount of traffic, whether you're using it or not to thwart traffic flow analysis.
  • Unlike Tor who ask you not to torrent over their network I2P actually encourages torrents and has a a built in torrent engine called snark.

Setting up an eepsite was fairly easy. I installed I2P simply following their debian install guide.

I decided to go with a site run by Apache and use I2P as a reverse proxy rather than use the built in web server.

I edited the ports that apache listens on vim /etc/apache2/ports.conf

# I2P eepsite
Listen 127.0.0.1:7658

and added an entry in /etc/apache2/sites-enabled/000-default.conf

<VirtualHost 127.0.0.1:7658>
    # Host settings
    ServerName xotc.i2p

    ServerAdmin webmaster@xo.tc
    DocumentRoot /var/www/eepsite
    ErrorDocument 404 /pages/404-not-found.html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    # As we are hosting on localhost, by default the server-status and
    # server-info pages are avalible.
    <Location /server-status>
        Order allow,deny
        Deny from all
    </Location>
    <Location /server-info>
        Order allow,deny
        Deny from all
    </Location>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

and in the router console under I2P internals > Hidden Service Manager I enabled the website.

I could have simply pointed I2P at the site already running on port 443 but Pelican uses absolute links, also I use Piwik analytics which again points to a clear net site. So instead I've used pelican to generate a new site with the relative links and no analytics.


  1. I have a feeling I saw somewhere that I2P were looking at moving away from the name 'eepsite' and moving to calling them 'Hidden Services' like Tor does, but now I can't find that anywhere so I'm sticking with eepsite. 

Creative Commons License
Content on this site is licensed under a Creative Commons Attribution 4.0 International License.
Built using Pelican. Based on a theme by Giulio Fidente on github.