On 04/24/2017 06:04 AM, Zrubi wrote:
> On 11/04/2016 10:35 AM, Zrubi wrote:
>> Another - currently implementable - way is to use a proxy VM (as it
>> is currently used as a dnf/yum proxy) and install your desired
>> intrusion detection software there. Suricata is a good candidate
>> for such a thing: https://suricata-ids.org/
>> (I would just need more time and more RAM to play with such things
>> ;)
>
> And finally now I have enough RAM, and got some time too :)
> Here is the result:
> http://zrubi.hu/en/2017/traffic-analysis-qubes/

Thanks for the guide; I will have to try it soon.
I may add a detection mechanism for file changes in my VM hardening project:
https://github.com/tasket/Qubes-VM-hardening/issues/4
The checks would occur before private.img is mounted as /rw.
--
Chris Laprise, [email protected]
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886