Will traceroute get the entire Tor relay circuit on the Workstation?

Hi,

Whonix is great.

My question: Assume malware is on Whonix-Workstation that has the ability to do a traceroute.
If this malware does a traceroute using TCP SYN, will it get the whole Tor relay circuit, like arm on Whonix-Gateway?

I can see the entire Tor relay connections on Whonix-Gateway using the arm tool. That is OK, because the place is Whonix-Gateway.

But if I or malware can see the entire Tor relay circuit on Whonix-Workstation, I think that is a bad idea, because this will expose my IP location.

Does Whonix have this problem, or is my worry superfluous?

Thank you everyone.

Malware can only find out that you are using a Gateway and which exit node is used (assuming that the malware is unable to break into the gateway or out of the VM).
A traceroute can’t leak your entire circuit because no relaying node will respond to your TCP SYN as they only forward encrypted packets (i.e. they don’t even see that you sent a TCP SYN packet) and the exit node will probably also just forward the packet to its final destination.
