by 3np 859 days ago
You could take a look at Whonix and Qubes - even if you don't use them you can roll your own setup with a similar approach: Have a dedicated "netvm"/"proxyvm" which only acts as a network bridge. "Minimal Whonix" consists of one workstation VM and one gateway VM (forcing everything over tor). Qubes integrates this approach into the UI of the hypervisor.

Then you can be more confident that (barring something escaping the VM) you have control of what a particular VM may or may not access. It also allows you to have a couple of different netvms (maybe one does give some access to your internal network, one connects only over tor, one via some VPN...) that you can switch between without needing to change anything on the actual VM of concern.
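The gateway VM role described in the comment above, as an added example that is not the commenter's, Whonix's or Qubes' own code: a POSIX shell script that prints the iptables policy a tor gateway VM needs so that the workstation VM behind it can only reach the network through tor's transparent proxy and DNS ports. Assumed names (not from the comment): workstation-facing interface eth1, gateway address 10.152.152.10, tor user debian-tor, and a torrc containing TransPort 10.152.152.10:9040 and DNSPort 10.152.152.10:5300.

```shell
#!/bin/sh
# Added example, not from the comment or from Whonix/Qubes: the firewall a
# "gateway VM" needs so the workstation VM attached to it can only reach the
# network through tor. Assumptions: the workstation-facing interface is eth1,
# the gateway's address on it is 10.152.152.10, tor runs as user debian-tor
# with "TransPort 10.152.152.10:9040" and "DNSPort 10.152.152.10:5300" in torrc,
# and the upstream interface has a static address (a DHCP client would need
# its own OUTPUT rule). The rules are printed rather than applied so they can
# be reviewed first; pipe the output into sh as root on the gateway to apply.
gateway_rules() {
    int_if="$1"                  # interface facing the workstation VM
    gw_ip="$2"                   # gateway address the workstation talks to
    trans_port="${3:-9040}"      # tor TransPort
    dns_port="${4:-5300}"        # tor DNSPort
    tor_user="${5:-debian-tor}"  # uid tor runs as
    cat <<EOF
# Start from clean tables so the result is exactly this policy
iptables -F; iptables -t nat -F
# Default deny: the gateway never forwards raw packets from the workstation
iptables -P INPUT DROP; iptables -P FORWARD DROP; iptables -P OUTPUT DROP
# Bend the workstation's DNS and every new TCP connection into tor
iptables -t nat -A PREROUTING -i $int_if -p udp --dport 53 -j REDIRECT --to-ports $dns_port
iptables -t nat -A PREROUTING -i $int_if -p tcp --syn -j REDIRECT --to-ports $trans_port
# The gateway itself accepts only that redirected traffic (plus loopback/replies)
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $int_if -d $gw_ip -p tcp --dport $trans_port -j ACCEPT
iptables -A INPUT -i $int_if -d $gw_ip -p udp --dport $dns_port -j ACCEPT
# Only the tor daemon may originate traffic toward the upstream network
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner $tor_user -j ACCEPT
# No IPv6 side door around the transparent proxy
ip6tables -P INPUT DROP; ip6tables -P FORWARD DROP; ip6tables -P OUTPUT DROP
EOF
}

# Review helper: returns 0 if the generated policy forwards nothing raw and
# every ACCEPT on the workstation-facing interface is one of the two tor ports.
policy_is_closed() {
    rules="$(gateway_rules "$@")"
    echo "$rules" | grep -q 'FORWARD.*ACCEPT' && return 1
    echo "$rules" | grep -- "-i $1 " | grep ACCEPT | grep -v -e "--dport ${3:-9040}" -e "--dport ${4:-5300}" | grep -q . && return 1
    return 0
}

gateway_rules "${1:-eth1}" "${2:-10.152.152.10}"
```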