Hint: might be slightly off-topic (except Question 1) Hello,
I am currently "harding" my Email-AppVM by adding additional firewall rules and using this opportunity to "play" with some tools like - rkhunter - clamav - lynis - AIDE - ... I am unsure if this is really needed in Qubes, but for me it is also about learning more about those tools. I have some questions regarding which might be answered by the security-professionals here. 1) If I choose to install an IDS like AIDE, should it be installed in the Template or AppVM ? As AppVM can't change critical system files, the Template VM might the better solution? 2) AIDE specific, but I couldn't solve it after googling for a while: everytime I run AIDE I get the following warning: [user@my-privmail bin]$ sudo aide --check DBG: md_enable: algorithm 7 not available It seems that this means that some algorithm is missing, but I don't know how to install it afterwards or disable the use of it. In an older topic I found the hint that it might be related to HAVAL which is a hashing algorithm. https://openindiana.org/pipermail/oi-dev/2013-July/002519.html But looking into my AIDE config file it seems that I am not using haval at all. Any ideas? 3) I run lynis and got some suggestion for improvements Running it on my customized fedora-26-min template (added some apps for email) I got the following result: Lynis security scan details: Hardening index : 73 [############## ] Question: is someone using lynis on Qubes and can give some feedback about this? regards [799] -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20180428102948.6ugvnmfcuwptgyi5%40my-privmail. For more options, visit https://groups.google.com/d/optout.