Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- AnoNet is a nickname
- Everyone can create a profile of an anoNet IP address: what kind of documents do you publish or request, in what language, on which countries or cities, etc. If this IP publishes a document that may lead to the identity of the owner, then all other documents already published or requested may be linked to that identity. Unlike some other Friend to Friend (F2F) programs, there is no automatic routing in the Net year that hides the IP of a node from all nodes that are not directly connected to it.
- Anonet is a decentralized IP based darknet. It's implemented as a bunch of (mostly peer to peer) VPN tunnels over the internet, and (usually Linux based) BGP speaking IP (mostly IPv4) routers.
- Anonet has claimed the IPv4 subnetwork 21.0.0.0/8 to provide every participant with sufficient IPv4 addresses to address the entire network with 'publicly' routable IP addresses. There's usually no need for NAT on Anonet, and people tend to use it to connect to their own computers from locations that would otherwise not allow them to do so (think breaking through firewalls).
- Anonet's ultimate goal is to replace the internet as we know it, to provide everybody with a free (freedom of speech) and censorship resistant network, without one ever growing centralized government. Whether this will ever happen is unsure, but resistance against control and censorship by our governments is definitely growing.
- If you're not in for the freedom, not all hope is lost yet. Anonet is a great place to learn about- and experiment with all kinds of computer networking concepts and technologies. As a participant, you will learn a lot about Virtual Private Networks, BGP, IP routing, Linux, programming and computer networking in general. You can freely deploy your own experimental services, protocols and applications. We're currently using it as a testbed for both QuickTun and VNE.
- Getting started
- The best way to get started on anonet is probably to join our IRC chat. You can do so from the internet by visiting irc://irc.kwaaknet.org/anonet or http://webchat.kwaaknet.org/?c=anonet. (WARNING! These servers will expose your IP address!) Alternatively, you can hop on straight onto the Client Port, which is simply a public VPN server. Detailed instructions for connecting are listed at http://ix.ucis.nl/clientport.php. Once connected, you can join our chat on irc://21.3.3.7/anonet. More information about Anonet and client ports is available at http://www.anonet.org/.
- However, all existing F2F programs can be used within the Net year, making it more difficult to detect that someone uses one of these F2F programs (only a VPN connection can be seen from the outside, but traffic analysis is still possible).
- Since the implementation of fiber to distant hosts is prohibitively expensive for the voluntary nature of such a network, the network uses VPN software without router support for router and router for user links. This also offers other advantages, such as the invulnerability for external espionage and the lack of need for unusual software that can give attention to those who participate.
- To avoid addressing the conflict with the Internet itself, the year NetNet initially used the IP range 1.0.0.0/8. This is to avoid conflicts with internal networks, such as 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16, as well as the allocated internet ranges. In January 2010, IANA allocated 1.0.0.0/8 to APNIC. In March 2017 the year NetNet changed the network to use the sub-network 21.0.0.0/8, which is assigned to the United States Department of Defense, but is not currently being used on the internet.
- The network itself is not organized in any regular, repetitive pattern of routers, although redundant links (> 1) are desired. This serves to make it more decentralized, reduces bottlenecks and the use of BGP allows for redundancy.
- The appropriate VPN options are available, if not numerous. Any robust IPsec packet is acceptable, such as FreeSWAN or Greenbow. There are also non-IPsec solutions, such as OpenVPN and SSH tunneling. There is no requirement for a homogeneous network; each link could actually use a different VPN daemon.
- AnoNet: Windows
- If you want to participate in AnoNet using a Windows system, you have a few options. You can run Linux using virtualization software like VirtualBox or CoLinux. Or you can use the VNE/DNRouter software, which has everything you need in a single binary.
- Anonet public services
- http://ix.ucis.nl/
- http://x5yd2gfthlfgdqjg.onion/ - Web proxy into Anonet
- Anonet internal services
- http://www.ucis.ano/ - personal homepage including anonet looking glass, BGP graph, resource database
- http://wiki.ucis.ano/ - this wiki
- http://marc.ucis.ano/ - Web interface to the resource database
- http://ix.ucis.ano/ - informative / router looking glass
- http://wikileaks.ucis.ano/ - partial and outdated WikiLeaks mirror
- irc://irc.kwaaknet.ano/anonet - Kwaaknet.org IRC network
- http://delta.ucis.ano:9091/ - Kwaaknet.org webchat
- 21.3.3.64 - Public DNS recursor (.ano, .dn42, ICANN TLDs)
- 21.3.3.67 - .ano TLD server
- Anonet internal services by others
- http://www.sfor.ano/ - Personal homepage including Pastebin, wiki, webchat, forum, git hosting, e-mail hosting and more
- irc.icann.ano:6667 (1.56.75.16) emgloy746w4lzwba.onion:6667 irc.icann.bz:6667
- irc.anonet2.ano:6667 (1.156.95.1) rgev7jlb33uvlrdj.onion:6667 irc.anonet2.biz:6667
- irc.slj.ano:6667 (1.1.8.8) soaptxseg3zvuzv5.onion:6667 slj.icann.bz:6667 [fd63:1e39:6f73:108::66:1]:6667
- negromancy.ano:6667 (1.1.7.1) negrombwwm6yvnrc.onion:6667
- irc.d3v11.ano:6667 (1.1.5.67) rbb3cizcd23x7w4g.onion:6667
- irc.agora.ano:6667 (1.6.1.1) heqz7uwayc2t2otu.onion:6667
- irc.sorbatol.ano:6667 (1.27.0.1) fpbu2xu2pw4q2vof.onion:6667
- irc.freeanons.ano:6667 (1.0.69.3) lis5ghm2ai4yjoxy.onion:6667
- irc.sfor.ano:6667/6697 (1.4.7.7) mhaztct565q27kor.onion:6667 NGIRCD (SSL 6697), no &channel support
- coward.irc.sfor.ano:6667 (1.4.7.8) coward URCD, &channel sender rewrite
- nameless 1.3.37.1:6667 Nameless IRCD
- Anonet
- paste.ano lw7b7t7n7koyi6tb.onion paste.icann.bz Anonet pastebin
- fms.ano FMS Forum hosted at freenet
- tpb.ano thepiratebay.se reverse proxy
- cryptome.ano cryptome.org reverse proxy
- www.namek.ano NewAnoWiki
- www.icann.ano icann.bz -
- wiki.negromancy.ano yaiaqf3te6khr3nd.onion anonet2.biz A Hidden Wiki
- files.negromancy.ano Files served from HTTP/FTP, including a Monastery
- www.ucis.ano
- Utility
- icann.bz:7375 socks proxy for reaching anonet TLD
- susocks client port NaCl encrypted client port to Anonet
- OpenVPN client port OpenVPN client port to Anonet
- xdagknwjc7aaytzh.onion web proxy for reaching anonet TLD
- freenet.ano web proxy for reaching freenet
- gaybar.ano torrent tracker
- git clone git://1.1.7.54/ resdb resdb for anonet
- git clone git://negrombwwm6yvnrc.onion/ resdb resdb for anonet (via tor)
- hg clone http://1.4.7.7/ resdb resdb for anonet (mercurial)
- 1.56.75.1, 1.1.5.1, 1.1.7.1, 1.3.3.64 Anonet public DNS resolvers
- fd63:1e39:6f73:107::10:1 This wiki in Anonet IPv6
- Kwaaknet irc.kwaaknet.ano:6667/6697 (1.3.3.7) iacs62d7c5izhuma.onion irc.kwaaknet.org
- only #anonet is connected to URC irc.r101.ano:6667/6697 (1.1.1.1) InspIRCd-1.1 (SSL 6697)
- pbx.namek.ano:6667/6697 (1.234.56.2) InspIRCd-1.1 (SSL 6697)
- xzwmj22kxtrqzcua.onion:6667 InspIRCd-2.0
- http://wiki.ucis.nl/Anonet/Internetaccess
- Anonet / BIRD
- http://wiki.ucis.nl/Anonet/BIRD
- This normally goes in /etc/bird.conf:
- log syslog {debug, trace, info, remote, error, auth, fatal, bug};
- #Your router ID is formatted as an IP address. It should be unique, so you should use one of your local IP addresses.
- router id 21.2.3.4;
- #This filter allows prefixes in dn42, as well as the big anonet network
- filter dn42 {
- if net = 172.16.0.0/12 then reject;
- if net = 172.22.0.0/15 then reject;
- if net ~ 172.16.0.0/12 then accept;
- if net = 21.0.0.0/8 then accept;
- reject;
- }
- #This filter allows prefixes in anonet, as well as the big dn42 network
- filter anonet {
- if net = 21.0.0.0/8 then reject;
- if net ~ 21.0.0.0/8 then accept;
- if net = 172.16.0.0/12 then accept;
- if net = 172.22.0.0/15 then accept;
- reject;
- }
- protocol kernel {
- # learn; # Learn all alien routes from the kernel
- persist; # Do not remove routes on bird shutdown
- scan time 20; # Scan kernel routing table every 20 seconds
- # import none; # Default is import all
- import all;
- export all; # Default is export none
- }
- protocol device {
- scan time 30; # Scan interfaces every 10 seconds
- }
- #This is where we define our local network. If you just use the network only
- #on this host, or use individual IP addresses, use the reject statement.
- #Alternatively, you can route your entire subnetwork to a specific interface.
- protocol static {
- route 21.2.3.0/24 reject;
- # route 21.2.3.0/24 via "eth0";
- }
- #This is a peering with a trusted machine, we exchange all routes
- #Jupiter is just a name we give this connection, for use in the
- #interactive control shell 'birdc'.
- #protocol bgp jupiter {
- # local as 64530;
- # neighbor 10.11.1.2 to 64521;
- # import all; export all;
- #}
- #This is a peer with an anet peer
- protocol bgp as1112 {
- local at 1234;
- neighbor 21.82.98.2 to 1112;
- export filter anonet; import filter anonet;
- }
- #To add another anonet peer, add another protocol block.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement