On 2017-05-09 20:06, cooloutac wrote:
On Tuesday, May 9, 2017 at 10:34:12 AM UTC-4, atlahua wrote:
I have sys-whonix set up to use Tor bridges. However when I run the
shell command 'ss -a -r -t' I can see that some of the traffic is sent
to IP addresses other than the selected bridge.
Why is sys-whonix sending traffic outside Tor?
I did netstat they all say tor except these two
tcp 0 0 127.0.0.1:4101 0.0.0.0:*
LISTEN 215/brltty
tcp 0 0 10.137.3.1:9052 0.0.0.0:*
LISTEN 902/python
tcp 0 0 0.0.0.0:8082 0.0.0.0:*
LISTEN 925/tinyproxy
all the rest are: with ports in 9100s which I assume is tor.
tcp 0 0 10.137.3.1:9181 0.0.0.0:*
LISTEN 997/tor
You should also check from sysnet to see what is leaving your pc.
____________________________________________________________________
Thanks to all of you for your feedback.
At the time I detected the issue I made the mistake not to note down the
IP address at which the traffic was send.
I cannot reproduce the problem right now and all I can see is that
sys-whonix is using one obfs bridge and a non-obfs bridge
simultaneously. Nothing else that may look suspicious.
As for checking sys-net traffic, I guess you mean sys-firewall. sys-net
should not be connected to the network. Nothing coming out though.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/98e59d733a43f1b6669492b8efab5dcc%40krutt.org.
For more options, visit https://groups.google.com/d/optout.
