So I’m on the fence. I’ve been a Qubes user as my daily driver for a couple of years now, but I’ve been using it as a standard laptop, never diving too much into building labs out of it. I explore Tor and compartmentalize my life a bit: social media, work emails, etc. But I found a few things, such as CTF (Hack the Box mainly, though I’m moving to VulnHub for this) and malware analysis (Ghidra), a bit of a PITA in Qubes due to the networking as well as the isolation done by Qubes.
I picked up a much more powerful laptop, a Legion 5. Specs are as follows:
- i7-10750H
- 32GB RAM DDR4
- 512GB NVMe
- 1TB HDD
- GTX 1660 Ti
I’d like to have 2 lab setups within it:
CTF, where I can install either a KaliVM or a Custom DebianVM, and be able to connect it and talk to another VulnerableVM.
        NetVM
          |
       Firewall
       /      \
    Kali    VulnVM (OVA files from VulnHub)
This would be isolated so they can only talk to each other. This seems feasible enough, just need to change out the firewall rules when changing out the VulnVM (maybe?)
Another would be a malware lab, with a similar build:
        NetVM
          |
       Firewall
       /      \
    Ghidra   MalwareVM (Win7/WinXP)
I’ve read a few articles saying that Qubes OS isn’t the greatest OS for this sort of instance, and that it’s better to use just a simple setup (Debian/Ubuntu/Mint) for this whole setup, which is what I’m currently running. But I am just curious what the Qubes community thinks and if there are any good setups for going about it beyond the one I linked above.
EDIT: Formatting got a bit weird with my layouts, but you can see the layout in the link I provided. Apologies.