[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] two tors?

On Fri, Apr 06, 2012 at 04:01:59PM -0000, BigTor wrote:
> > I have two internet apps that I want to run the same time, both using tor
> > socks proxy. I do not want the data streams of the apps routing thorugh
> > the same circuit. Is it safe two run two tor processes, with different
> > proxy ports?
> If you configure and use it right, I think it's safe. Remember to change
> the SocksPort option in torrc and to let tor use different pidfiles.

Actually, you can do it with a single Tor and multiple SocksPort lines,
if you're using Tor 0.2.3.x. See this piece of's changelog:

  o Major features (stream isolation):
    - You can now configure Tor so that streams from different
      applications are isolated on different circuits, to prevent an
      attacker who sees your streams as they leave an exit node from
      linking your sessions to one another. To do this, choose some way
      to distinguish the applications: have them connect to different
      SocksPorts, or have one of them use SOCKS4 while the other uses
      SOCKS5, or have them pass different authentication strings to the
      SOCKS proxy. Then, use the new SocksPort syntax to configure the
      degree of isolation you need. This implements Proposal 171.
    - There's a new syntax for specifying multiple client ports (such as
      SOCKSPort, TransPort, DNSPort, NATDPort): you can now just declare
      multiple *Port entries with full addr:port syntax on each.
      The old *ListenAddress format is still supported, but you can't
      mix it with the new *Port syntax.

You can read more details in the SOCKSPort entry of the 0.2.3 Tor manual.

The advantage to using one Tor with multiple SocksPort lines is that
you don't load down the Tor network with duplicate directory fetches.


tor-talk mailing list