Tor Network Usage: Detection & Prevention

TL;DR

Detecting and preventing high network usage in Tor is tricky because of its design. You can’t directly control bandwidth within Tor like you would on a normal connection. However, you can monitor overall traffic, identify resource-intensive applications, and use tools to limit their impact. This guide explains how.

Detecting High Network Usage

1. Understand Tor’s Limitations: Tor prioritizes anonymity over speed. Expect slower speeds than a direct connection. ‘High usage’ is relative; what’s normal depends on your activity and exit node conditions.
2. Use System Monitoring Tools: These show overall network traffic, helping you spot unusual spikes.
   • Linux: Use iftop or tcpdump.

     sudo apt install iftop

     then run sudo iftop -i eth0 (replace ‘eth0’ with your network interface).

   • macOS: Activity Monitor (Network tab) shows per-application bandwidth usage.
   • Windows: Resource Monitor (Network tab) provides similar information.
3. Tor Logs (Limited): Tor logs can show connection attempts, but don’t directly reveal bandwidth consumption. Check the log file location in your Tor configuration (usually /var/log/tor/log on Linux).
4. Check Application Usage: High usage is often caused by specific applications.
   • Tor Browser: Multiple tabs, streaming media, or downloading large files can consume significant bandwidth.
   • Other Tor Clients: If you’re using other clients (e.g., for instant messaging), they might be the source of the problem.

Preventing High Network Usage

1. Limit Application Bandwidth: This is the most effective approach.
   • Tor Browser (about:config): While Tor Browser doesn’t have built-in bandwidth limiting, you can use external tools to limit its process’s network usage.
   • External Tools: Use traffic shaping software like trickle (Linux) or NetLimiter (Windows).

     sudo apt install trickle

     then run an application with

     trickle -d 100 torbrowser-launcher

     to limit it to 100kbps.

2. Reduce Tor Browser Tabs: Each tab consumes resources. Close unnecessary tabs and avoid auto-refreshing websites.
3. Disable Media Autoplay: Prevent videos from automatically starting in Tor Browser (Settings > Privacy & Security).
4. Avoid Large Downloads: Downloading large files through Tor is slow and puts strain on the network. Use alternative methods if possible.
5. Use a Lower Bridge Bandwidth Setting (Advanced): If using bridges, reducing the bandwidth setting can help avoid being flagged for high usage, but will also reduce speed. This is in your torrc configuration file.
   • Edit torrc and add/modify:

     BridgeBandwidthRate 100

     (sets bridge bandwidth to 100kbps)

6. Consider Exit Node Selection: Some exit nodes are slower than others. While you can’t directly choose specific exit nodes, using a larger number of bridges or relays might improve performance.
   • Edit torrc and increase the number of relays/bridges used.

cyber security Considerations

Be cautious when using third-party tools for traffic shaping, as they could potentially compromise your anonymity. Always use reputable software from trusted sources.