Whonix stream isolation

Hi. I use a few non-standard applications in Whonix WS 16, e.g. Telegram, session messenger. How should I set up stream isolation? There is a guide for electrum wallet:

Proxy: SOCKS5
Port: 9111

Can I set the same proxy for the rest of the application? Or different? If so, I would be very grateful for any advice.

I think this question is more for the Whonix forums.

You can read this:

1 Like

Can I set the same proxy for the rest of the application?

If you want to isolate the streams entirely, no.

As per documentation linked by DVM, use a different port for all applications. Usually, these are 9153 to 9159 (IsolateDestAddr without IsolateDestPort) by default. Alternatively, use torsocks if the applications support it. Since torsocks is configured with IsolatePID enabled in Whonix by default, it sends random SOCKS credentials to Tor based on the PID and current time. Since IsolateSOCKSAuth isolation flag is turned on by default in Tor, different SOCKS credentials will automatically be stream isolated.

For the long version, it is highly recommended to read the documentation in order to understand the inner workings and prevent mistakes.

This is a better question for the Whonix Forum:

1 Like