3

I have read through the info here https://hackertarget.com/tor-exit-node-visualization/ and other places and I think I understand it enough but I'm not sure.

Am I correct in thinking that if I only visit sites that are on the onion network, I don't go through an exit node and therefore not at risk of the attacks/compromises that are associated to exit nodes?

I use a VPN all the time now on everything that I can get it on so that's the only IP address that would be seen but is it really necessary to use a VPN if you don't leave the onion network? Or is there some other risk where a VPN will be useful to remove or reduce it?

Thanks :)

Azteca
  • 1,116
  • 7
  • 16
GreenPee
  • 33
  • 3

1 Answers1

3

Am I correct in thinking that if I only visit sites that are on the onion network, I don't go through an exit node and therefore not at risk of the attacks/compromises that are associated to exit nodes?

Yes that's correct. If you are connecting to a hidden service, you're not leaving the Tor network. In theory, the hidden service itself is also not traceable and looks like a regular relay to all intermediate nodes. Since theoretically nobody knows where the hidden service is located, the usual attacks through observing exit nodes don't apply.

I use a VPN all the time now on everything that I can get it on so that's the only IP address that would be seen but is it really necessary to use a VPN if you don't leave the onion network?

If you don't use a VPN, your ISP or network administrator will know that you are using Tor (but not what you are doing). So use a VPN if you find it desirable to hide your Tor usage from others. Connecting to Tor directly also facilitates traffic correlation attacks. Also, in case of a DNS leak attack, e.g. through the Tor browser, the VPN might give you an extra layer of protection as you'd only resolve addresses through the VPN tunnel and not give away your real IP address.

Arminius
  • 44,242
  • 14
  • 143
  • 138
  • Thanks Arminius, glad that's clear. Whenever I use Tor now it's within Whonix with the host running the VPN and for the type of activity I feel safe enough :D – GreenPee Feb 22 '17 at 00:37