[qubes-users] Torsocks and dnf no longer work in Fedora 29 -- Any Ideas?

2019-03-24 Thread ashleybrown480
I utilize torsocks dnf to perform updates over tor inside of HVM linux installs (so not in templates obviously which would use qubes normal update mechanism). Since upgrading to Fedora 29 torsocks is not working with DNF. It throws an exception message. This is not directly related to qubes,

Re: [qubes-users] How does Qubes DNS resolving work?

2019-02-14 Thread ashleybrown480
Feb 14, 2019, 3:42 PM by un...@thirdeyesecurity.org: > On Thu, Feb 14, 2019 at 03:13:00PM +0100, > ashleybrown...@tutanota.com > > wrote: > >> >> >> Hopefully one day they revert it back to how it was in 3.2. A very common >> use-case for the firewall is

[qubes-users] How does Qubes DNS resolving work?

2019-02-13 Thread ashleybrown480
When I look at /etc/resolv.conf in the following VMs it says different things: 1) Normal AppVM: nameserver 10.139.1.1 nameserver 10.139.1.2 2) Sys-firewall VM: nameserver 10.139.1.1 nameserver 10.139.1.2 3) Sys-net VM: [actual resolvers] The chain for DNS packets is obviously AppVM ->

Re: [qubes-users] How does Qubes DNS resolving work?

2019-02-14 Thread ashleybrown480
> The magic is in NAT rules (but I had to research this too.) See > https://www.qubes-os.org/doc/networking > , and "sudo iptables -t nat -L" in > sys-firewall and sys-net. I previously looked at IP tables and honestly I really do not understand it.

Re: [qubes-users] why was DNS/ICMP removed from Qubes manager/firewall in R4?

2019-02-14 Thread ashleybrown480
There is an issue that talks about the change: https://github.com/QubesOS/qubes-issues/issues/4141 They are willing to port it back to how it should be if someone does the interface to re-add those options. -- Securely sent with

Re: [qubes-users] why was DNS/ICMP removed from Qubes manager/firewall in R4?

2019-02-14 Thread ashleybrown480
Hopefully one day they revert it back to how it was in 3.2. A very common use-case for the firewall is likely to ensure things like DNS requests do not happen through the normal means (and instead go over something like Tor or a VPN). Unfortunately, the current config does not make it very

Re: [qubes-users] How does Qubes DNS resolving work?

2019-02-14 Thread ashleybrown480
Hopefully one day they revert it back to how it was in 3.2. A very common use-case for the firewall is likely to ensure things like DNS requests do not happen through the normal means (and instead go over something like Tor or a VPN). Unfortunately, the current config does not make it very

Re: [qubes-users] Whonix Yes or No

2019-02-19 Thread ashleybrown480
> Personally, I don't trust Whonix. The decision to not trust Whonix is > not based on the sysadmin/aussie issue that came up recently on the > list. I'm simply not convinced that they are capable of designing and > writing secure software. Furthermore, there is no reason to use whonix > in the