Tor Over Tor Risk with CS VPN

To stay ahead of new and evolving threats, cryptostorm has always looked out past standard network security tools. Here, we discuss and fine-tune our work in bringing newly-created capabilities and newly-discovered knowledge to bear as we keep cryptostorm in the forefront of tomorrow's network security landscape.

Tor Over Tor Risk with CS VPN

Post by ZsN1s » Thu May 21, 2015 1:35 pm

I noticed I can access .onion sites directly without any additional suffixes in the url "i.e. torstorm"

It is widely recommended against any "TOR OVER TOR" configuration as the behaviour is described as unpredictable and its implications unknown.

Given this, how would a user of this VPN service who wants to avoid "putting all eggs in one basket" by using the VPNs built in onion routing service and instead run TBB over a crypto-VPN connect [i.e. prevent TOR fingerprints in ISP logs] but avoid the risk associated with any double TOR configs?

User avatar
Site Admin
Posts: 1275
Joined: Wed Feb 05, 2014 3:47 am

Re: Tor Over Tor Risk with CS VPN

Post by parityboy » Thu Apr 07, 2016 6:38 am


If you're talking about accessing .onion sites in a TBB-over-CS scenario, TBB will connect to guard entry nodes which are entirely separate from the client-mode Tor node running on a given CS exit node. The routing onto the .onion network will be totally different.

Last bumped by Anonymous on Thu Apr 07, 2016 6:38 am.