I am seeing very large number of tor circuits in sys-whonix. Sometimes 40 circuits even when doing nothing. I not sure of number of circuits before, but usually was 5 or 6 circuits, not 20 or 40. Sometimes list goes very long and a lot of times list is replicating first and second node. Tor log says might be under attack due to high failure rate, not always show this message.
This is what 40 circuits often look like:
A B C
A B D
A B E
A B F
A C D
A C E
A C G
A H I
A H D
A
A H D S
Z Y X
Z Y T
Z Y U
Z R U
Z B U
Z C U
Z
Z B D
Z B E
Lots of duplication of same nodes, duplications of parts of routes with small changes.
It also look like I get bridge or 4th connection at exit node and not using bridge.
Is this effort to deanonimise? Many circuits have replicating mathmatical properties at some point (ping between P-Q and A / ping between P-Q and B) Were there sometimes 40 or 80 circuits before? I don’t think saw this many circuits before, this is new? Can’t find information on usual number of circuit in sys-whonix.
I have read documentation and don’t understand what is reading. Don’t think this should happen like this. Sometimes circuit only show one node and not sure if this is considered complete circuit.
Also, seeing circuits access tor onions that not using. Will boot and not be in Tor, not be going to onion sites, and see onion site. One onion site is recognized and is been used before but long ago, not used onion site in many month.
If this is Tor issue, then how do I ask the Tor?