Is there an effective way to use proxychains before Tor?

ricosuave · October 25, 2024, 4:42pm

I have heard that Tor keeps the same entry guards for about a month. This would mean that if I run Tor through proxychains (meaning every connection between my system and the Tor entry guard would come from a different edge proxy) then every edge proxy would connect to the same selection of entry guards. This approach is prone to correlation attacks if one or more of said entry guards are located in hostile territory - there would be a surge of connections between the same edge proxies and the same entry guards.

Is my assessment correct? If it is, can you think of a solution?

Alchemist · October 30, 2024, 4:43am

If you run Tor through proxychains, and multiple edge proxies are connecting to the same entry guards, it could indeed create a pattern that might be observable by an adversary monitoring the entry guards. This could lead to potential correlation attacks, especially if the entry guards are in a location that is hostile or under surveillance.

Potential Solutions:

Use Different Entry Guards: Instead of using the same entry guards, you could configure your Tor client to use different entry guards for different sessions. However, this may reduce the effectiveness of the guard mechanism, as it is designed to provide a stable entry point. (This is what Tails does by booting from RAM)

Increase Proxy Diversity: Use a larger pool of edge proxies that are geographically and administratively diverse. This can help to obscure the traffic patterns, making it harder for an adversary to correlate connections.

Randomize Proxy Usage: Instead of a fixed set of edge proxies, you could implement a system that randomly selects different proxies for each connection. This would help to break the correlation between the edge proxies and the entry guards. (I’m not sure how you would do this)

Monitor and Change Guards: Regularly monitor the performance and security of your entry guards. If you suspect that a guard may be compromised or located in a hostile area, you can change your entry guards by restarting your Tor client or using the NEWNYM command.

Is there an effective way to use proxychains before Tor?

You can connect through http proxies before you connect to socks5 proxychains.conf.
However I don’t believe proxychains can achieve Tor stream isolation and if that is a requirement then avoid proxychains as I don’t believe stream isolation works.

[ProxyList]
# proxy dns on socks5
proxy_dns
# Add your edge proxies here before socks5 (Tor)
http  192.168.1.1  8080
socks5  127.0.0.1  9050