A couple of questions on qubes. .

  1. Where would i install wireshark and nethogs on Qubes if i wanted to check the traffic?
  2. How do you set up tor-over-vpn in Qubes? Any scripts?
  3. The meny in Qubes disappeared ontop when i clicked it the wrong way.
    So where is the setting to restore the top meny in Qubes, and how do i remove the option to click it away by mistake?
  4. Where would i install opensnitch or similair in Qubes to check the traffic?
    GitHub - evilsocket/opensnitch: OpenSnitch is a GNU/Linux port of the Little Snitch application firewall
    An intrusion detection system in Qubes would be good to have overall.
  5. Why is dom0 always old in Qubes, and why does not everything have the latest linux versions?
  6. If i have debian-dvm as choide for domo according to Qubes manager. Why is it downloading fedora 32 if i click update over there?
  7. What are the best or most secure options to have in the Qubes global manager under source repositories?
    Community templates, and testing? testing under security should be more secure then the default option am i right?
  8. Is this the best solution to this date if someone wanted to have traffic IDS in Qubes?
    Traffic Analysis in Qubes OS – Zrubi.hu
    Are there any better ways?

The latest release of Qubes looks great btw! Thanks!

1 Like

Hi @bmqbmhhslj, welcome!

A few tips to get started:

  1. You’re more likely to get useful answers if you post your questions separately, because few peopke will be interested in everything, or have time to read through all the answers at once before contributing. (Creating a separate post for each question will also be more useful to people with similar doubts in the future.)
  2. Some of your questions are answered in the official Qubes OS documentation (example: Supported releases | Qubes OS). If you’ve already read articles from there, please mention them in your questions, that will help everyone help you more efficiently. If you haven’t read them, that’s a great place to get started! :slightly_smiling_face:
1 Like

Thanks. Yes, or people could answer what they know… And not everything. Maybe some know the answer to some question…
Yes i will read your link also, thanks for your answer. :slight_smile:

1 Like

Since Opensnitch operates on app level, you should run it in the same Qube you use to control it. Otherwise it would not be able to see the processes that access the network.

For the Wireshark, whatever qube provides the network (sys-firewall?) looks like the right place

still in testing

Thanks! Yes tor over VPN seems most secure. First connect to a VPN, and then use TOR in that VPN line…
How can you achieve that with the disposable browser in Qubes? Is it possible… Or do you need to use a VPN in some cube, and tor browser for that?

Is GitHub - control-owl/suriGUI: GUI for Suricata. fully open source? Good link! Thank you.:slight_smile:

instead of tor browser, use whonix


ok good it’s open source…
Yeah but whonix is using sys-whonix, and that would not be tor over VPN. First connect to a vpn and then tor over that vpn…

Whonix would connect straight away like tor > internet.

So in a way a tor browser would be more secure then just using whonix right?
I also read that people are tracking every human over tor now… So i don’t wanna use tor if they have like hundreds of exit nodes. I don’t have anything to hide, but if they are logging all of the traffic in exit nodes… That’s just wierd. A VPN don’t log, hopefully…

But sure, tor seems shady and allot of wierd people are probably using it… So it’s good if they catch dangerous people and so on. But it’s a shame everyone else is getting affected, and it seems like tor is a thing if the past now if they own hundreds of exit nodes and sniffing every humans traffic on tor.

I would use a better private internet connection, but i read that VPN is not secure, and privacy don’t exist today… So i might need to use tor. I would use a vpn only if it was secure.
But it’s not, they want everyones data and facebook are hunting everyone, and companies, and so on…

There should be better ways to surf anonymous… Without your ISP selling all of your data and so on…


put sys-vpn before it and you got what you want to

how you can came up with this?!? whonix is more secure than tor browser

government and intelligent agency? it better to give up

your password?

they log even more things than tor exit node

Ok, now i saw how to quote.
How do i do that? Anon-whonix qube settings have sys-whonis as a net qube. Do you mean i should change that option to a VPN?
The whonix would just use VPN>internet then right?

Because that would be TOR over VPN. The cube that has a VPN and tor browser on it is tor over vpn. That’s more secure then tor>internet as your earlier link…

I don’t know… But yes, i also read that the government and others are tracking everyone… Watch this:

So tor is probably less secure then a VPN today. And no, i will never give up the right to have privacy and freedom! People can stop bugging others with surveillance and cameras everywhere, covid-1984 passports and other methods… They need a creepy amount of control today over the population. face recognition, rfid chips and so on, it’s crazy! We will soon have a social credit system… Maybe getting to buy food or ride the subway!

I will always fight for the right to privacy… But sure i understand it does not exist today online.
Qubes is a good OS that cares about freedom and human rights though.

Yeah i mean, i would want some privacy, but i don’t really care anymore… Depends… Facebook logs every password and so on… Some just hunt data… And share it. Hackers and so on. But sure, i will try and keep my passwords somewhat safe. :wink:

It depends on the VPN…
Some are secure. So i have read. I don’t have any proof really…

Nah, but nobody has privacy online today. It could be possible, but that would require allot of dedication, and would just be annoying…
All i’m saying is that it’s good to have a secure OS and a secure internet connection. And to keep passwords, and stuff safe.

Otherwise i could just use windows without a VPN! =) I might start doing that, i’m giving up on security and privacy in 2022. Kidding. :wink: Unix is better overall.
And i value some privacy in life. About VPN logging… Then they would have allot of data on me… But my ISP would not see it… So i would rather have the VPN see the traffic.


then select it to sys-whonix


how the f@#$ this $h!+ idea came from?!? 3 node vs 1 node? are you comparing the speed of the slow as snail with the speed of f@#$%^& aircraft with a giant panting "vpn"and call it that you comparing the security?!? vpn know all of you data, the f@#$%^& metadata, and all other $h!++y thing for privacy such as your ip while tor not! totally!

it is the vpn locating in 5 eyes?

@ppc Are you sure you can use a non-whonix gateway as the netVM of a anon-whonix workstation? I thought a non-whonix appVM was necessary for non-whonix proxies (ex. a VPN qube).

  1. What helps to me is to type xfce4-panel in a dom0 terminal (panel appears), then to force closing the terminal while the process is still running (pres “x”-“Close Window”). panel disappears then reappears after a flash second.
1 Like

i forgot that op is on anon-whonix (i’m busy at that time)

A couple of questions

I would say that is more like several questions. :wink:

  1. Why is dom0 always old in Qubes, and why does not everything have the latest linux versions?

Stability and (ironically?) security. From the Qubes documentation:

“Normally there should be few reasons for updating software in Dom0. This is because there is no networking in Dom0, which means that even if some bugs will be discovered e.g. in the Dom0 Desktop Manager, this really is not a problem for Qubes, because all the third-party software running in Dom0 is not accessible from VMs or network…”

1 Like

Thank you!!! So this is the only solution for this issue? Thanks for posting that. :wink:
I did try KDE just now… Which i prefer. But still good to know your trick there.

Ok!I thought old versions could be less secure, but it makes sense if they are more secure… Thanks. And yes, a few to several questions. :wink:
If you don’t ask you don’t learn or get answers.:slight_smile:

Please consider possible security problems with that: Combining Tunnels with Tor.

1 Like

wireshark can just be in the same VM as the application you are trying to monitor.
For example if you are trying to sniff your browser traffic, you just run it in the same qube as your browser.
I guess if you were trying to sniff all the traffic from all your qubes you could put it in sys-firewall, but usually you’re using wireshark to monitor targeted traffic.

1 Like

I would always use wireshark in the netvm, using filters, rather than in
the target.
(The exception to this is generally sys-net.)

Because nethogs groups by process, it needs to run on the target.
Could it run on some other qube with an exported /proc and traffic
data? I doubt it.

I never presume to speak for the Qubes team.
When I comment in the Forum or in the mailing lists I speak for myself.
1 Like