On 11/03/2016 11:42 PM, [email protected] wrote: > Coming out of a discussion in > https://groups.google.com/forum/#!topic/qubes-users/hs2yapPlUVA > > I am interested, does anyone run intrusion detection tools within their VMs?
Intrusion/virus detection inside the affected VM not really makes sense. However newer Xen versions has a nice feature: https://wiki.xenproject.org/wiki/Virtual_Machine_Introspection And already a real project using this feature: https://drakvuf.com/ That feature wound really make sense and would fit in Qubes philosophy pretty nicely. Another - currently implementable - way to use a proxy VM (as it is currently used as a dnf/yum proxy) and install your desired intrusion detection software there. Suricata is a good candidate for such thing: https://suricata-ids.org/ (I would just need more time and more RAM to play with such things ;) -- Zrubi -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/890bc090-fc22-9d91-b8bc-a8f55b1fa665%40zrubi.hu. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: OpenPGP digital signature
