brainfucksec / kalitorify

Transparent proxy through Tor for Kali Linux OS
GNU General Public License v3.0

Cannot get guard ip ? #50

Closed Frantch closed 3 years ago

Frantch commented 3 years ago

Hello,

I'm trying to check that I don't have leaks using the tcpdump method, but this command (on Kali, Debian) returns blank:

ss -ntp | grep "$(cat /var/run/tor/tor.pid)"

Tor is correctly running and I do see that my public IP is hidden using different online IP checkers.

I'm not entirely sure what a 'Tor guard IP' is, so I don't know what I should be looking for using another method.

hellresistor commented 3 years ago

Type just the first part, ss -ntp, and share the output.

Frantch commented 3 years ago

Ok, never mind, I was not doing that as root. Just tried with sudo and I've got 2 entries... Since I found this strange, I have run kalitorify -c and kalitorify -t again and now I only get one entry showing the guard IP.

I have run the tcpdump command to show all traffic that is not going to or from my guard IP and all I have is:

IP 192.168.0.1 -> 224.0.0.1: igmp query v3

From what I understood, I should have literally nothing showing, right? Is that IGMP query something to worry about?

Also, could someone explain to me exactly what this guard IP is? Is it my fixed public IP? I thought Tor randomly changes the exit nodes after a while, so does that guard IP change as well? Or does it stay fixed?

brainfucksec commented 3 years ago

Hi @Frantch.

The "Guard IP Address" is the IP address of the "Tor Guard Relay" that you are connected to. It is a type of Tor relay, please see:

https://community.torproject.org/relay/types-of-relays/

About the IP address (224.0.0.1) that you see, please read here:

https://en.wikipedia.org/wiki/Multicast_address

https://en.wikipedia.org/wiki/Internet_Group_Management_Protocol

brainfucksec commented 3 years ago

Since it’s been one month, I hope that things are working well for you now. I’ll close the issue until we can confirm it’s still happening. I’m happy to continue further discussion whenever needed.
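
The check discussed in this thread, as an added example that is not part of the thread or of kalitorify's own code: it extracts the guard IP from `ss -ntp` output by exact PID match and builds the tcpdump filter that hides guard traffic, refusing to build one when the process column is empty (the non-root case above). The sample `ss` rows, PID 1234 and the function names are constructed, and treating loopback sockets as local proxy clients is an assumption.

```shell
#!/bin/sh
# Added example: the `ss -ntp` rows below are constructed (documentation IPs).

# As root: the Process column is populated. PID 1234 stands in for the
# contents of /var/run/tor/tor.pid.
SS_ROOT='State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
ESTAB 0 0 192.168.0.10:45678 198.51.100.7:9001 users:(("tor",pid=1234,fd=10))
ESTAB 0 0 127.0.0.1:9040 127.0.0.1:40112 users:(("tor",pid=1234,fd=12))
ESTAB 0 0 192.168.0.10:51234 203.0.113.9:443 users:(("curl",pid=2200,fd=5))'

# As an unprivileged user: no process info for sockets owned by other users.
SS_USER='State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
ESTAB 0 0 192.168.0.10:45678 198.51.100.7:9001
ESTAB 0 0 127.0.0.1:9040 127.0.0.1:40112'

# guard_ips PID: read `ss -ntp` output on stdin and print the remote IPv4
# address of every established socket owned by PID.
guard_ips() {
    awk -v pat="pid=$1," '
        $1 == "ESTAB" && index($0, pat) {
            # "pid=1234," matches the owner field only, so a port such as
            # 51234 on another process is not picked up by accident.
            if ($4 ~ /^127\./ || $5 ~ /^127\./) next  # assumption: loopback = local clients
            peer = $5
            sub(/:[0-9]+$/, "", peer)                 # drop the port
            print peer
        }' | sort -u
}

# capture_filter: read guard IPs on stdin and print a tcpdump filter
# expression that hides guard traffic. Fails when no guard was found, so an
# empty (non-root) result never turns into a filter.
capture_filter() {
    awk 'NF { f = f (n++ ? " and " : "") "not host " $1 }
         END { if (!n) exit 1; print f }'
}

printf '%s\n' "$SS_ROOT" | guard_ips 1234 | capture_filter
printf '%s\n' "$SS_USER" | guard_ips 1234 | capture_filter ||
    echo "no guard found: run ss as root" >&2
```

On a live system the input would come from `sudo ss -ntp | guard_ips "$(cat /var/run/tor/tor.pid)"`.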