Disturbing IP routing issue on Tor affecting SSH

Hi

I’ve got a disturbing question. I’m using Qubes-Whonix and I SSH into 2-3 servers.

Due to Whonix stream isolation, every request should be with a new IP, right?

Yes… but partly.

On multiple instances I’ve gotten the same exit node IP range belonging to a think tank in Sweden, namely QuxLabs. When you read they’re a “think tank” you get the alphabet chills.

I restarted tor multiple times. I obtained new bridges. I even deleted sys-whonix to wipe the descriptors and start completely fresh.

The majority of those SSH connects were through those same IP ranges, with few exceptions in between. If I use Tor Browser no such issue persists, but anything from the terminal has this issue.

How is this possible, or am I subject to some sort of BGP redirect attack?


Different circuit. Not different IP.

Quote from Stream Isolation:

This does not necessarily result in using a different Tor Entry Guard or Tor exit relay. Therefore a different Tor circuit can likely lead to using a different Tor exit relay and IP Address, but this is not guaranteed.

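The reply's point, that separate circuits can still end at the same exit relay, can be checked against Tor's own circuit list. The following is an added example, not part of the thread: it parses text in the format of the control port's `GETINFO circuit-status` reply and reports exit relays shared by more than one circuit. The sample lines, fingerprints and nicknames are constructed, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed relay fingerprints (40 hex chars each); not real relays.
G, M1, M2, X1, X2 = "1" * 40, "2" * 40, "3" * 40, "A" * 40, "B" * 40

# Constructed sample in the format of a "GETINFO circuit-status" reply body.
SAMPLE = f"""\
5 BUILT ${G}~guardA,${M1}~midA,${X1}~exitA BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2024-01-01T10:00:00.000000
6 BUILT ${G}~guardA,${M2}~midB,${X1}~exitA BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2024-01-01T10:00:05.000000
7 BUILT ${G}~guardA,${M1}~midA,${X2}~exitB BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2024-01-01T10:00:09.000000
8 BUILT ${G}~guardA,${M2}~midB,${X1}~exitA BUILD_FLAGS=IS_INTERNAL,NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2024-01-01T10:00:12.000000
9 LAUNCHED BUILD_FLAGS=NEED_CAPACITY PURPOSE=GENERAL TIME_CREATED=2024-01-01T10:00:15.000000
"""

# One hop of a path: "$FINGERPRINT", optionally followed by "~nick" or "=nick".
HOP = re.compile(r"\$([0-9A-Fa-f]{40})(?:[~=](\w+))?")

def parse_circuits(text):
    """Return {circuit_id: [(fingerprint, nickname), ...]} for built exit circuits."""
    circuits = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[1] != "BUILT":
            continue  # circuits still being built may have no path yet
        attrs = dict(p.split("=", 1) for p in parts[3:] if "=" in p)
        flags = attrs.get("BUILD_FLAGS", "").split(",")
        if attrs.get("PURPOSE") != "GENERAL" or "IS_INTERNAL" in flags \
                or "ONEHOP_TUNNEL" in flags:
            continue  # last hop of these circuits is not used as an exit
        hops = [HOP.fullmatch(h) for h in parts[2].split(",")]
        if not all(hops):
            continue  # path did not parse; skip the line instead of guessing
        circuits[parts[0]] = [(m.group(1).upper(), m.group(2)) for m in hops]
    return circuits

def shared_exits(circuits):
    """Map exit fingerprint -> circuit ids, keeping exits used by 2+ circuits."""
    by_exit = defaultdict(list)
    for circ_id, path in circuits.items():
        by_exit[path[-1][0]].append(circ_id)
    return {fp: sorted(ids) for fp, ids in by_exit.items() if len(ids) > 1}

if __name__ == "__main__":
    for fp, ids in shared_exits(parse_circuits(SAMPLE)).items():
        print(f"exit ${fp} is the last hop of circuits {', '.join(ids)}")
```

In the sample, circuits 5 and 6 take different middle relays, so they are different circuits, yet both leave through the same exit and would show the same IP address to the server.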