No matter what steps I try to take I can’t seem to suss out malicious and entitled hackers from consistently compromising my networked devices. Not sure if they keep regaining access to Qubes from the router, USB keyboard or both, and I’m not very technically inclined or learned in IT so I’m not sure what steps to take. Are there any log files I can send out to potentially help benefit this community? Running iftop on net/firewall seems to indicate that something is bypassing the internal 10...* IP routing from whonix <-> firewall <-> net. Reinstalling the fedora 35 template appears to help fix the internal network bypassing until I restart the sys-usb qube.
A couple of questions: if my USB keyboard has malicious code on it, will adding “sys-usb allow dom0” to the qubes.InputKeyboard file be able to compromise dom0 even after LUKS login? Connecting the keyboard attaches multiple qubes.InputKeyboard events and tries to connect multiple InputMouse events; is there any way to restrict this to only initializing the first InputKeyboard event? Is there a way to monitor what code is being run from USB devices? The only way to fix something like a compromised keyboard is with newer firmware? Does running a USB keyboard through a PS/2 adapter block malicious code?
For networking, is there any strategy to better isolate the sys-net qube? The moment the Ethernet is active on a new install it gets outside IP requests (from my router?) that then seem to install files and compromise fedora-34/35 and debian-11 templates. Would it behoove me to only run minimal templates for net/firewall/usb qubes? I haven’t tried getting any minimal templates to work so this is my next plan!
Any recommendations on an affordable security focused router and switch? This seems to be the major vulnerability and culprit. I would love to make the router I have more secure but I don’t think that is realistic for such a noob like myself.
Apologies for all the questions unpacked here, I’ve spent a lot of time trying to figure this out on my own and can’t seem to find a stable solution. I appreciate any advice and guidance!