On Wednesday, January 18, 2017 at 12:27:54 AM UTC-5, Asterysk wrote: > It struck me that Qubes could be very useful for Detection of "malware" by > placing a monitoring capability . My question is in two parts: > > (1) Is Wireshark the best tool to use for this within Qubes > (2) Should it be placed in Dom 0 (if indeed thats possible) or in the sys-net > or sys-firewall
would be safer in sys-net, although sys-firewall would tell you which vm making the connection. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/526e10af-725a-4e45-a54c-4d2d2bac7c5c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.