AnoNet Information 1337 Networking

1. AnoNet is a nickname
2.  
3. Everyone can create a profile of an anoNet IP address: what kind of documents do you publish or request, in what language, on which countries or cities, etc. If this IP publishes a document that may lead to the identity of the owner, then all other documents already published or requested may be linked to that identity. Unlike some other Friend to Friend (F2F) programs, there is no automatic routing in the Net year that hides the IP of a node from all nodes that are not directly connected to it.
4.  
5. Anonet is a decentralized IP based darknet. It's implemented as a bunch of (mostly peer to peer) VPN tunnels over the internet, and (usually Linux based) BGP speaking IP (mostly IPv4) routers.
6. Anonet has claimed the IPv4 subnetwork 21.0.0.0/8 to provide every participant with sufficient IPv4 addresses to address the entire network with 'publicly' routable IP addresses. There's usually no need for NAT on Anonet, and people tend to use it to connect to their own computers from locations that would otherwise not allow them to do so (think breaking through firewalls).
7. Anonet's ultimate goal is to replace the internet as we know it, to provide everybody with a free (freedom of speech) and censorship resistant network, without one ever growing centralized government. Whether this will ever happen is unsure, but resistance against control and censorship by our governments is definitely growing.
8. If you're not in for the freedom, not all hope is lost yet. Anonet is a great place to learn about- and experiment with all kinds of computer networking concepts and technologies. As a participant, you will learn a lot about Virtual Private Networks, BGP, IP routing, Linux, programming and computer networking in general. You can freely deploy your own experimental services, protocols and applications. We're currently using it as a testbed for both QuickTun and VNE.
9. Getting started
10. The best way to get started on anonet is probably to join our IRC chat. You can do so from the internet by visiting irc://irc.kwaaknet.org/anonet or http://webchat.kwaaknet.org/?c=anonet. (WARNING! These servers will expose your IP address!) Alternatively, you can hop on straight onto the Client Port, which is simply a public VPN server. Detailed instructions for connecting are listed at http://ix.ucis.nl/clientport.php. Once connected, you can join our chat on irc://21.3.3.7/anonet. More information about Anonet and client ports is available at http://www.anonet.org/.
11.  
12. However, all existing F2F programs can be used within the Net year, making it more difficult to detect that someone uses one of these F2F programs (only a VPN connection can be seen from the outside, but traffic analysis is still possible).
13.  
14. Since the implementation of fiber to distant hosts is prohibitively expensive for the voluntary nature of such a network, the network uses VPN software without router support for router and router for user links. This also offers other advantages, such as the invulnerability for external espionage and the lack of need for unusual software that can give attention to those who participate.
15.  
16. To avoid addressing the conflict with the Internet itself, the year NetNet initially used the IP range 1.0.0.0/8. This is to avoid conflicts with internal networks, such as 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16, as well as the allocated internet ranges. In January 2010, IANA allocated 1.0.0.0/8 to APNIC. In March 2017 the year NetNet changed the network to use the sub-network 21.0.0.0/8, which is assigned to the United States Department of Defense, but is not currently being used on the internet.
17.  
18. The network itself is not organized in any regular, repetitive pattern of routers, although redundant links (> 1) are desired. This serves to make it more decentralized, reduces bottlenecks and the use of BGP allows for redundancy.
19.  
20. The appropriate VPN options are available, if not numerous. Any robust IPsec packet is acceptable, such as FreeSWAN or Greenbow. There are also non-IPsec solutions, such as OpenVPN and SSH tunneling. There is no requirement for a homogeneous network; each link could actually use a different VPN daemon.
21.  
22.  
23. AnoNet: Windows
24. If you want to participate in AnoNet using a Windows system, you have a few options. You can run Linux using virtualization software like VirtualBox or CoLinux. Or you can use the VNE/DNRouter software, which has everything you need in a single binary.
25. Anonet public services
26. http://ix.ucis.nl/
27. http://x5yd2gfthlfgdqjg.onion/ - Web proxy into Anonet
28. Anonet internal services
29. http://www.ucis.ano/ - personal homepage including anonet looking glass, BGP graph, resource database
30. http://wiki.ucis.ano/ - this wiki
31. http://marc.ucis.ano/ - Web interface to the resource database
32. http://ix.ucis.ano/ - informative / router looking glass
33. http://wikileaks.ucis.ano/ - partial and outdated WikiLeaks mirror
34. irc://irc.kwaaknet.ano/anonet - Kwaaknet.org IRC network
35. http://delta.ucis.ano:9091/ - Kwaaknet.org webchat
36. 21.3.3.64 - Public DNS recursor (.ano, .dn42, ICANN TLDs)
37. 21.3.3.67 - .ano TLD server
38. Anonet internal services by others
39. http://www.sfor.ano/ - Personal homepage including Pastebin, wiki, webchat, forum, git hosting, e-mail hosting and more
40.  
41. irc.icann.ano:6667 (1.56.75.16) emgloy746w4lzwba.onion:6667 irc.icann.bz:6667
42. irc.anonet2.ano:6667 (1.156.95.1) rgev7jlb33uvlrdj.onion:6667 irc.anonet2.biz:6667
43. irc.slj.ano:6667 (1.1.8.8) soaptxseg3zvuzv5.onion:6667 slj.icann.bz:6667 [fd63:1e39:6f73:108::66:1]:6667
44. negromancy.ano:6667 (1.1.7.1) negrombwwm6yvnrc.onion:6667
45. irc.d3v11.ano:6667 (1.1.5.67) rbb3cizcd23x7w4g.onion:6667
46. irc.agora.ano:6667 (1.6.1.1) heqz7uwayc2t2otu.onion:6667
47. irc.sorbatol.ano:6667 (1.27.0.1) fpbu2xu2pw4q2vof.onion:6667
48. irc.freeanons.ano:6667 (1.0.69.3) lis5ghm2ai4yjoxy.onion:6667
49. irc.sfor.ano:6667/6697 (1.4.7.7) mhaztct565q27kor.onion:6667 NGIRCD (SSL 6697), no &channel support
50. coward.irc.sfor.ano:6667 (1.4.7.8) coward URCD, &channel sender rewrite
51. nameless 1.3.37.1:6667 Nameless IRCD
52.  
53. Anonet
54. paste.ano lw7b7t7n7koyi6tb.onion paste.icann.bz Anonet pastebin
55. fms.ano FMS Forum hosted at freenet
56. tpb.ano thepiratebay.se reverse proxy
57. cryptome.ano cryptome.org reverse proxy
58. www.namek.ano NewAnoWiki
59. www.icann.ano icann.bz -
60. wiki.negromancy.ano yaiaqf3te6khr3nd.onion anonet2.biz A Hidden Wiki
61. files.negromancy.ano Files served from HTTP/FTP, including a Monastery
62. www.ucis.ano
63.  
64. Utility
65. icann.bz:7375 socks proxy for reaching anonet TLD
66. susocks client port NaCl encrypted client port to Anonet
67. OpenVPN client port OpenVPN client port to Anonet
68. xdagknwjc7aaytzh.onion web proxy for reaching anonet TLD
69. freenet.ano web proxy for reaching freenet
70. gaybar.ano torrent tracker
71. git clone git://1.1.7.54/ resdb resdb for anonet
72. git clone git://negrombwwm6yvnrc.onion/ resdb resdb for anonet (via tor)
73. hg clone http://1.4.7.7/ resdb resdb for anonet (mercurial)
74. 1.56.75.1, 1.1.5.1, 1.1.7.1, 1.3.3.64 Anonet public DNS resolvers
75. fd63:1e39:6f73:107::10:1 This wiki in Anonet IPv6
76. Kwaaknet irc.kwaaknet.ano:6667/6697 (1.3.3.7) iacs62d7c5izhuma.onion irc.kwaaknet.org
77. only #anonet is connected to URC irc.r101.ano:6667/6697 (1.1.1.1) InspIRCd-1.1 (SSL 6697)
78. pbx.namek.ano:6667/6697 (1.234.56.2) InspIRCd-1.1 (SSL 6697)
79. xzwmj22kxtrqzcua.onion:6667 InspIRCd-2.0
80. http://wiki.ucis.nl/Anonet/Internetaccess
81.  
82. Anonet / BIRD
83. http://wiki.ucis.nl/Anonet/BIRD
84. This normally goes in /etc/bird.conf:
85.  
86. log syslog {debug, trace, info, remote, error, auth, fatal, bug};
87.  
88. #Your router ID is formatted as an IP address. It should be unique, so you should use one of your local IP addresses.
89. router id 21.2.3.4;
90.  
91. #This filter allows prefixes in dn42, as well as the big anonet network
92. filter dn42 {
93. if net = 172.16.0.0/12 then reject;
94. if net = 172.22.0.0/15 then reject;
95. if net ~ 172.16.0.0/12 then accept;
96. if net = 21.0.0.0/8 then accept;
97. reject;
98. }
99. #This filter allows prefixes in anonet, as well as the big dn42 network
100. filter anonet {
101. if net = 21.0.0.0/8 then reject;
102. if net ~ 21.0.0.0/8 then accept;
103. if net = 172.16.0.0/12 then accept;
104. if net = 172.22.0.0/15 then accept;
105. reject;
106. }
107.  
108. protocol kernel {
109. # learn; # Learn all alien routes from the kernel
110. persist; # Do not remove routes on bird shutdown
111. scan time 20; # Scan kernel routing table every 20 seconds
112. # import none; # Default is import all
113. import all;
114. export all; # Default is export none
115. }
116.  
117. protocol device {
118. scan time 30; # Scan interfaces every 10 seconds
119. }
120.  
121. #This is where we define our local network. If you just use the network only
122. #on this host, or use individual IP addresses, use the reject statement.
123. #Alternatively, you can route your entire subnetwork to a specific interface.
124. protocol static {
125. route 21.2.3.0/24 reject;
126. # route 21.2.3.0/24 via "eth0";
127. }
128.  
129. #This is a peering with a trusted machine, we exchange all routes
130. #Jupiter is just a name we give this connection, for use in the
131. #interactive control shell 'birdc'.
132. #protocol bgp jupiter {
133. # local as 64530;
134. # neighbor 10.11.1.2 to 64521;
135. # import all; export all;
136. #}
137.  
138. #This is a peer with an anet peer
139. protocol bgp as1112 {
140. local at 1234;
141. neighbor 21.82.98.2 to 1112;
142. export filter anonet; import filter anonet;
143. }
144.  
145. #To add another anonet peer, add another protocol block.