Why gateway always connected to one IP

Invisible · July 3, 2015, 8:24am

Why gateway always connected to one IP address 5. *. *. * And do not connected to other IP address? Month so. I begin paranoia.

Invisible · July 4, 2015, 4:59pm

Please tell me how change Tor entry node?

Patrick · July 4, 2015, 8:37pm

An attack that is one hand that skilled and that dilettante on the other hand seems unlikely to me. However, something could be wrong. Very much worth fixing to stay safe.

I don’t know what’s happening. If you want this fixed, it will be time consuming, difficult, cumbersome. You need some diagnosis skills. (See also: Whonix - Overview) I also highly recommend the advice linked in my signature.

general info, introduction: Tor Documentation for Whonix Users
how: Tor Documentation for Whonix Users

Entry does not change exit IP. For changing exit IP:

whonixfor · July 13, 2015, 1:18pm

Did you ever set up tor bridge?
if only one bridge in your bridge setting list works in the last 2 months, it would be so

Mattdaemon · August 26, 2015, 9:24am

I was wondering why this is happening as well. Apparently, this is how tor is intended to behave, argumentation is below. There has been published research in only using 1 guard and I think tor is using this system now [2]. If you want to reset the entry nodes that tor has chosen, delete the cache in /var/lib/tor/ as root user.

So, what should we do? Suppose the attacker controls, or can observe, C relays. Suppose there are N relays total. If you select new entry and exit relays each time you use the network, the attacker will be able to correlate all traffic you send with probability around (c/n)2. But profiling is, for most users, as bad as being traced all the time: they want to do something often without an attacker noticing, and the attacker noticing once is as bad as the attacker noticing more often. Thus, choosing many random entries and exits gives the user no chance of escaping profiling by this kind of attacker.
The solution is “entry guards”: each Tor client selects a few relays at random to use as entry points, and uses only those relays for her first hop. If those relays are not controlled or observed, the attacker can’t win, ever, and the user is secure. If those relays are observed or controlled by the attacker, the attacker sees a larger fraction of the user’s traffic — but still the user is no more profiled than before. Thus, the user has some chance (on the order of (n-c)/n) of avoiding profiling, whereas she had none before.

[1] How can we help? | Tor Project | Support
[2] Implement the single guard node proposal (prop#236) (#11480) · Issues · Legacy / Trac · GitLab

Patrick · August 26, 2015, 12:29pm

Bridges / entry guards do not influence exit relay IP.

Mattdaemon · August 26, 2015, 12:33pm

That Is true, but this topic is about the entry guard being fixed for a tor client, not the middle or exit node ip address.

Patrick · August 26, 2015, 12:41pm

Then I was confused. Interpreted the original question wrt exit relay. Then also my first answer here makes less sense.

If it’s about the entry guard, then it’s very much a non-issue and expected.