Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#6342 closed defect (not a bug)

different streams have too close exit node IP's

Reported by: proper Owned by:
Priority: High Milestone: Tor: 0.2.4.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: tor-client
Cc: proper Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Example:
TransPort gets x.x.x.120
SocksPort gets x.x.x.121

Happens sometimes. I suspect that both IP's are owned by the same family. The exit node could still correlate both connections.

Child Tickets

Change History (6)

comment:1 Changed 7 years ago by proper

Milestone: Tor: 0.2.4.x-final

The bug is reproducible. I tested it again.

This is not about TransPort vs SocksPort. It's also about SocksPort stream isolation from other SocksPorts.

For testing I created 6 different SocksPorts. 127.0.0.1 9061, 9062, 9063, 9064, etc... And then I pointed the browser to them, testing them one by one.

SocksPort 9061 got IP $x.$y.$z.1.
SocksPort 9065 got IP $x.$y.$z.2.

Those nodes have the same ISP, they are probable owned by the same people and they are probable in the same Tor server family.

All other SocksPorts got different exit IPs, i.e. $a.$b$.$c.$d.

That doesn't mean it takes 5 different SocksPorts to produce this. Could be also happen already for two.

comment:2 Changed 7 years ago by proper

Related to #6595.

comment:3 Changed 7 years ago by rransom

Resolution: not a bug
Status: newclosed

If two streams exit through different IP addresses, then they are on different circuits.

comment:4 Changed 7 years ago by arma

The goal of isolating streams onto different circuits is so the exit relays can't learn which streams are coming from the same user. It's not about having never having streams come out of 'nearby' IP addresses. It's also not about never having streams come out of the same exit relay -- it is totally normal for two streams (from two users) to possibly come out of the same exit, so making you never do that would leak information to the attacker.

comment:5 Changed 7 years ago by nickm

Keywords: tor-client added

comment:6 Changed 7 years ago by nickm

Component: Tor ClientTor
Note: See TracTickets for help on using tickets.