Shoalsteed / I2P-Secure-Design-Collective


Detecting and Blocking I2P / P2P Traffic: Handling Reports of Blocking #75

Open Shoalsteed opened 1 year ago

Shoalsteed commented 1 year ago

Discovery Process

When we are approached with a report of blocking / restricted access by the I2P community, we need to learn more about the environment of the user.

If a person is using I2P, they may be using other privacy-enhancing/obfuscating tools. We know that VPNs and Tor traffic are many times detected and blocked. Although I2P does have outproxy ability, accessing the clearnet is not its intended purpose.

Are you using an I2P outproxy? Are you using Tor Browser? Are you using a VPN?

Shoalsteed commented 1 year ago

Resources

Protocol analysis. Source, dest, port, what the handshake looks like. Some will probe the points to see what is responding if you do a proxy or TLS connection to a port. Some use metadata analysis too.

How to Block I2P traffic using App Control Advanced https://www.sonicwall.com/support/knowledge-base/how-to-block-i2p-traffic-using-app-control-advanced/170505344249270/

Identify P2P Traffic by Inspecting Data Transfer Behaviour https://home.ie.cuhk.edu.hk/~dmchiu/mjye.pdf

A Survey On Routing in Anonymous Communication A_Survey_on_Routing_in_Anonymous_Communication_Pro.pdf

I2P Usage Characterization I2Ps_Usage_Characterization.pdf

A Dive into the Dark Web: Hierarchical Traffic Classification of Anonymity Tools TNSE_final.pdf

How to block I2P and Freenet to my network? https://security.stackexchange.com/questions/119011/how-to-block-i2p-and-freenet-to-my-network

Detecting SSH tunnels https://www.trisul.org/blog/detecting-ssh-tunnels/
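The comment above lists protocol analysis and metadata analysis as the ways operators tell P2P traffic apart, and the CUHK paper it links classifies P2P by data-transfer behaviour rather than by port. The following is an added example, not code from this issue thread or from any I2P project, showing what such a behaviour-based classifier looks like on flow metadata: it scores each internal host on peer fan-out, high-port usage and bidirectional volume. The flow records are constructed, and the three heuristics and their thresholds are assumptions chosen to illustrate the idea, not tuned values from any product or paper.

```python
"""Behaviour-based flagging of P2P-like hosts from flow metadata.

Added example, not from the issue thread. The heuristics (peer fan-out,
high-port usage, symmetric byte volume) are assumptions that approximate
the data-transfer-behaviour analysis the thread's references describe;
thresholds are illustrative, not tuned values from any product.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    """One summarised connection as a NetFlow-style exporter would report it."""
    src: str        # internal host
    dst: str        # remote peer
    dport: int      # remote port
    bytes_out: int  # bytes sent by src
    bytes_in: int   # bytes received by src


# Constructed sample flows (not captured data).
SAMPLE_FLOWS = [
    # host A: ordinary browsing, few servers on 80/443, download-heavy
    Flow("10.0.0.5", "203.0.113.10", 443, 2_000, 150_000),
    Flow("10.0.0.5", "203.0.113.11", 443, 1_500, 90_000),
    Flow("10.0.0.5", "203.0.113.12", 80, 800, 40_000),
    # host B: many distinct peers on arbitrary high ports, symmetric volume
    Flow("10.0.0.7", "198.51.100.21", 17771, 50_000, 48_000),
    Flow("10.0.0.7", "198.51.100.34", 23412, 30_000, 31_000),
    Flow("10.0.0.7", "198.51.100.58", 8801, 12_000, 11_500),
    Flow("10.0.0.7", "198.51.100.77", 41234, 60_000, 55_000),
    Flow("10.0.0.7", "198.51.100.90", 19990, 9_000, 10_000),
    Flow("10.0.0.7", "198.51.100.99", 33333, 20_000, 19_000),
    # host C: a single symmetric high-port session (e.g. a voice call);
    # symmetric and high-port, but too few peers to look like P2P
    Flow("10.0.0.9", "192.0.2.40", 50002, 400_000, 390_000),
    Flow("10.0.0.9", "192.0.2.40", 50003, 5_000, 4_800),
]


def peer_stats(flows):
    """Per-host metadata features: distinct peers, high-port ratio, symmetric ratio."""
    per_host = defaultdict(list)
    for f in flows:
        per_host[f.src].append(f)

    stats = {}
    for host, host_flows in per_host.items():
        n = len(host_flows)
        peers = {f.dst for f in host_flows}
        high_port = sum(1 for f in host_flows if f.dport > 1024) / n
        # a flow is "symmetric" when neither direction dominates by more than 2x;
        # bulk download/upload to a server rarely looks like this
        symmetric = sum(
            1 for f in host_flows
            if f.bytes_in > 0 and 0.5 <= f.bytes_out / f.bytes_in <= 2.0
        ) / n
        stats[host] = {
            "peers": len(peers),
            "high_port_ratio": high_port,
            "symmetric_ratio": symmetric,
        }
    return stats


def flag_p2p_hosts(flows, min_peers=5, min_high_port=0.8, min_symmetric=0.6):
    """Return hosts whose behaviour crosses all three (assumed) thresholds."""
    stats = peer_stats(flows)
    return sorted(
        host for host, s in stats.items()
        if s["peers"] >= min_peers
        and s["high_port_ratio"] >= min_high_port
        and s["symmetric_ratio"] >= min_symmetric
    )


if __name__ == "__main__":
    for host, s in peer_stats(SAMPLE_FLOWS).items():
        print(host, s)
    print("P2P-like hosts:", flag_p2p_hosts(SAMPLE_FLOWS))
```

Host C shows why fan-out is part of the score: a single symmetric high-port session is common for real-time applications, and a port-only rule would misclassify it. When identifying why a reported block happens (the Identification step in the framework comment), it helps to know whether the operator is matching ports, probing endpoints, or scoring behaviour like this, because each produces a different pattern of what is and is not reachable.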

Shoalsteed commented 1 year ago

Build A Framework

https://www.sans.org/media/score/504-incident-response-cycle.pdf

PICERL

Preparation - have a framework, response plan ready
Identification - find where, how, and why I2P is blocked
Containment - what measures can I2P take to stop this
Eradication - how can I2P take these measures and stop them
Recovery - verify you are/aren't blocked or restricted, inform users
Lessons Learned - self explanatory