How to safely use Wireshark in Qubes?
146 views
Skip to first unread message
turb...@gmail.com
Feb 14, 2017, 12:39:41 PM2/14/17
to qubes-users
Sys-net app or make standalone fedora minimal template?
Subj.
Unman
Feb 14, 2017, 3:51:47 PM2/14/17
to turb...@gmail.com, qubes-users
On Tue, Feb 14, 2017 at 09:39:41AM -0800, turb...@gmail.com wrote:
> Sys-net app or make standalone fedora minimal template?
>
> Subj.
>
As you like - I use tcpdump to capture and run wireshark on the captured
> Sys-net app or make standalone fedora minimal template?
>
> Subj.
>
stream in a network isolated qube, which seems a reasonable approach.
raah...@gmail.com
Feb 14, 2017, 9:41:49 PM2/14/17
to qubes-users, turb...@gmail.com, un...@thirdeyesecurity.org
isn't tcpdump just as vulnerable though if not more?
I run things like that in sys-net since i consider it extremely untrusted, but if you have the resources or want only specific streams, sure a separate template or seperate vm i would assume is more secure.
Chris Laprise
Feb 14, 2017, 10:33:47 PM2/14/17
to raah...@gmail.com, qubes-users, turb...@gmail.com, un...@thirdeyesecurity.org
On 02/14/2017 09:41 PM, raah...@gmail.com wrote:
>
> isn't tcpdump just as vulnerable though if not more?
>
> I run things like that in sys-net since i consider it extremely untrusted, but if you have the resources or want only specific streams, sure a separate template or seperate vm i would assume is more secure.
Since sys-net is untrusted, try using a proxyVM which should be much
>
> isn't tcpdump just as vulnerable though if not more?
>
> I run things like that in sys-net since i consider it extremely untrusted, but if you have the resources or want only specific streams, sure a separate template or seperate vm i would assume is more secure.
safer. At least it'll work for IP traffic.
Chris
Reply all
Reply to author
Forward
0 new messages