[tor-talk] two tors?
arma at mit.edu
Fri Apr 6 20:31:54 UTC 2012
On Fri, Apr 06, 2012 at 04:01:59PM -0000, BigTor wrote:
> > I have two internet apps that I want to run the same time, both using tor
> > socks proxy. I do not want the data streams of the apps routing thorugh
> > the same circuit. Is it safe two run two tor processes, with different
> > proxy ports?
> If you configure and use it right, I think it's safe. Remember to change
> the SocksPort option in torrc and to let tor use different pidfiles.
Actually, you can do it with a single Tor and multiple SocksPort lines,
if you're using Tor 0.2.3.x. See this piece of 0.2.3.3-alpha's changelog:
o Major features (stream isolation):
- You can now configure Tor so that streams from different
applications are isolated on different circuits, to prevent an
attacker who sees your streams as they leave an exit node from
linking your sessions to one another. To do this, choose some way
to distinguish the applications: have them connect to different
SocksPorts, or have one of them use SOCKS4 while the other uses
SOCKS5, or have them pass different authentication strings to the
SOCKS proxy. Then, use the new SocksPort syntax to configure the
degree of isolation you need. This implements Proposal 171.
- There's a new syntax for specifying multiple client ports (such as
SOCKSPort, TransPort, DNSPort, NATDPort): you can now just declare
multiple *Port entries with full addr:port syntax on each.
The old *ListenAddress format is still supported, but you can't
mix it with the new *Port syntax.
You can read more details in the SOCKSPort entry of the 0.2.3 Tor manual.
The advantage to using one Tor with multiple SocksPort lines is that
you don't load down the Tor network with duplicate directory fetches.
More information about the tor-talk