| |||||
| |||||
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment: |
This talk will present research into services hosted internally on the
I2P anonymity network, especially I2P hosted websites known as eepSites,
and how the true identity of the Internet host providing the service may
be identified via information leaks on the application layer. By knowing
the identity of the Internet host providing the service, the anonymity
set of the person or group that administrates the service can be greatly
reduced. The core aim of this paper will be to test the anonymity
provided by I2P for hosting eepSites, focusing primarily on the
application layer and mistakes administrators and developers may make
that could expose a service provider’s identity or reduce the anonymity
set they are part of. We will show attacks based on the intersection of
I2P users hosting eepSites on public IPs with virtual hosting, the use
of common web application vulnerabilities to reveal the IP of an eepSite,
as well as general information that can be collected concerning the
nodes participating in the I2P anonymity network.
Article:
http://www.irongeek.com/i.php?page=security/darknets-i2p-identifying-hidden-servers
Slides:
http://www.irongeek.com/downloads/i2p-de-anonymizing.pptx
Download:
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast