What background reading is recommended for someone new to Qubes that has no Linux experience ?
Would downloading Debian and getting a beginner’s book be a good start ?
Was able to successfully install 4.2.1, but don’t know how to do the following:
Have read the Qubes documentation and can see the firewall can be configured in a GUI. Is this the only place to activate / configure the firewall ?
How do you view network traffic between Qubes and an external network (e.g. Internet) ?
there is the qvm-firewall command which allow more customization but is command line only.
run tcpdump or wireshark in a netvm
Hi vlda0, welcome to Qubes
This is probably a good idea as you are completely new to Qubes.
Many of the problems that people have with Qubes are not Qubes specific,
and a general understanding of Linux, Fedora or Debian, will be a great
help.
If you prefer not to read, there are many videos online to help get you
started.
A step further than some users.
It’s important to understand that by default Qubes blocks all new incoming
traffic, and that there is a firewall at each stage between sys-net and
your qube. All are activated automatically.
The GUI configuration tool controls only outbound traffic. You can
use it to restrict which sites or which protocols a qube can connect to.
There is a CLI tool, qvm-firewall, in dom0 which gives you slightly
more control over outbound connections.
If you want anything more than this you will have to learn nftables and
customise the firewall rules on the target qube and each upstream qube.
Definitely not for beginners.
There is no inbuilt functionality for this. You could install a network
sniffer like Wireshark in the template used by sys-net, or one of the
other network monitoring tools. One thing that you have to remember is
that at each stage of the network Qubes applies translation - all the
traffic that sys-net sees appears to have come from sys-firewall. If you
want more fine grained analysis you should monitor at that level also.