Sys-* as DisposableVMs

qwdhbjdf72 · February 25, 2021, 5:39pm

For extra security, I wanted to have my sys-net, sys-firewall and sys-usb as disposable vms, does anybody have some resources I can follow to do that? I remember seeing something in the documentation before but I can’t seem to find anything now.

Also, I have a proxyvm with mullvad VPN, I route most my traffic through it (followed mullvad’s official guide). Would having sys-firewall as a dispvm affect it negatively ? What should I have under consideration?

427F11FD0FAA4B080123 · February 25, 2021, 6:16pm

Clodius · February 27, 2021, 4:35pm

what I do and I believe make sense is just do sys-net-disp and maybe -usb, if you do and use wifi though you have to learn how to make the wifi pw permanent

but folks say sys-net has the larger ‘attack surface’ , you’ may also find some errors with your dom0 clockvm or at least change it to the new -disp