Please consider Subscribing: studio.ruclips.net/channel/UC39GKRsNps38x7UzydcOZ9w Follow me on Twitter: twitter.com/NielsenNTWKING Chapters: 00:00 Introduction 00:57 What is Whonix? 01:33 How does Whonix Work? 04:50 Installing Whonix on Linux Hosts 09:50 Linux Post Install Configuration and Best Practices 18:32 Verifying Whonix and Tor Configuration 19:34 System check for IP Leakage and overall heath 21:00 Installing Whonix on Windows Hosts 22:07 Importing Whonix OVA into VirtualBox 23:20 Windows Post Install Configuration and Best Practices 28:58 Verifying Whonix and Tor Configuration 29:56 System check for IP Leakage and overall heath 31:00 Famous Last Words
Excellent video, my friend. You did whonix a lot more justice than I did trying to explain its role in the scheme of things in comments on your last video. Your videos articulate well and are approachable by most anyone, a great asset to the community and a helpful resource. Much appreciated
@@ytg6663they could but it would take a massive amount of investigation to do so and would be very time consuming and costly. They'd have to start with an exit node in Tor which is usually going to be a rather large organization with probably thousands of not tens to hundreds of thousands of IPs before going back through the next node then on to the guard node, repeating the process through each node, and that's before even getting back to Whonix.
@ytg6663 Yes maybe but I think it would be very difficult as the proxies are scattered...however whoever controls the exit node might see yout data...
Have you considered switching up your anonymity portion and incorporating the new node system setup by the members of The cult of the dead cow called Veilid?
Tails is meant to be installed on removable media, and is suitable for scenarios where you want a portable and disposable solution, such as using it on different computers without leaving any trace. Whonix, being a virtual machine setup, is more suitable for a dedicated system where you want a more persistent environment.
Hey !Thx for sharing knowledge! I am always wondering , like we are hiding our IP with all them different techniques, but doesn't our MAC address get leaked ? I mean IP is changged to something else, but what about MAC address ? Can't it be traced as well as an IP ? As I know network cards MAC is unique and it is shared in sent packets at some layer. Pretty new in this area and a bit confused. If you could shed some light on that, would appreciate it a lot .
Whonix safeguards against IP leaks through its two-VM design, directing all traffic through the Tor network and isolating the Gateway for Tor connection. The system incorporates MAC address randomization, adding an extra layer of privacy by making it challenging to trace network traffic back to a specific device. By default, Whonix configures network filter settings to ensure that only the Tor network is utilized, reducing the risk of accidental leaks. While MAC addresses are unique and shared in packets, Whonix's measures minimize the potential for MAC address leakage, enhancing overall privacy and security for users navigating the Tor network.
Hey! Thx for a swift reply! You're awesome ! So Whonix does the job of MAC spoofing, thats cool. Do you think if spoofing your MAC manually would add any extra protection ? And also seen some guys getting rid of WHONIX workspace machine and setting up Kali instead to run through Whonix gateway. Does it reduce privacy in any way ? @@NNAdmin
Just picturing all the confused people reading this comment. Sorry, I had a squirrel moment. Scandinavian’s are a rare sight outside of Scandinavia. Those Irish though they are everrrrrywhere. Lol😂
Whonix not only routes all system traffic through the Tor network but also isolates networking components into separate virtual machines, providing a stronger defense against potential leaks. Additionally, Whonix includes features like stream isolation and secure defaults for applications, enhancing overall privacy and security. These comprehensive measures go beyond the capabilities of proxychains alone, offering a more thorough and effective solution for anonymous and secure web browsing.
Since whonix itself is a set of virtual machines, as shown in the video you have the gateway and then you have the workstation, you typically want to install whonix on your bare metal host. That is best practice and most reliable. You can try to install whonix within a virtual machine, but performance and reliability will become a concern. That type of setup is called nested virtualization. It works for some people in some situations, but it depends mostly on your system and your setup
@itsm3dud39 Whonix requires a hypervisor for its operation, with the most commonly used being a Type 2 hypervisor that necessitates a host operating system. While it is possible to install Whonix on bare metal using a Type 1 hypervisor like ESXi, Hyper-V, or Xen, this can be challenging based on my experience. Alternatively, a more straightforward approach is to install Kali or Fedora on a bare metal host and use VirtualBox as the hypervisor. This setup is user-friendly and effective. However, if you prefer VMWare Workstation, KVM, or another hypervisor, those are viable options as well.
Whonix is not a standalone operating system; instead, it is an operating system distribution based on Debian GNU/Linux. Specifically, Whonix is designed to run as a set of virtual machines on a host system.
Each has it's own place in the anonymity world, as does Anonym.OS, Qubes, etc. Tails is meant to be installed on removable media, and is suitable for scenarios where you want a portable and disposable solution, such as using it on different computers without leaving any trace. Whonix, being a virtual machine setup, is more suitable for a dedicated system where you want a more persistent environment.
VirtualBox is Microsoft's answer but it is limited crappy software. Whonix isn't that good if used by beginners. Now your privacy is at risk because you put all responsibility at the users end not to do anything stupid. Tor is a huge security risk for newbies so be aware of that. My personal preference is workstation > pfsense ( squid, etc... ) > local server ( tor, i2p, ... ) > pfsense > internet. Without virfualization because this is bad. If you use hardware you physically enforce your setup and your workstation is offloaded. Need an add blocker? Don't install that on your workstation but on the router. Etc... Balance your load over devices and separate your concerns. Tor is the anonymity, pfsense your privacy and firewall, workstation the browser. I don't use tor for normal browsing. But when I follow a tor link instead of hitting a wall pfsense detects it and forwards the request to the appropriate local server. Similar setup can be used for I2P server.
Thanks for sharing your detailed setup! It's great to see diverse approaches to privacy and security. Your emphasis on physical enforcement, load balancing, and specific use of Tor adds interesting layers to your setup. However, it's worth noting that the complexity of your configuration might pose challenges for less experienced users. While Whonix has its own strengths and weaknesses, your setup, too, requires careful configuration and maintenance. Also, just a quick clarification: VirtualBox is maintained by Oracle, not Microsoft. Nonetheless, the choice between hardware and virtualization is subjective and depends on individual needs. In the end, the 'best' setup varies based on one's threat model and comfort level. Regular updates, good security practices, and staying informed about potential risks are key, regardless of the chosen approach. Thanks again for sharing your insights!
@@NNAdmin thanks for your reply and corrections. I got confused with the vm part. Although not open source i prefer vmware. When watching your videos I realized the linux part was a bit below my level. I like to see myself as a simple ordinary user that just wants complete control over my system. I kind of got there with windows XP running it from ramdisks and what not but when I tried to use win7 I realized MS was doing everything they could to make my life hard. Things only got worse from there. I then switched to linux and all my issues dissapeared. Nowadays when I see people using windows I am confused. This is really odd, I used to be an expert with XP, what happened there? I use linux because it is simple, straightforward and easy to learn. I am baffled why people use an OS like windows that is so difficult to configure and control. Unless it is XP I can't help anyone. I am that kind of person that wants to look under the hood and know why the car drives. But I wasn't actually planning on driving it very far. My setup is a bit more complex but the best way to learn is to put knowledge into practice. I just see these things as fun projects.
@@NNAdmin thanks much to the quick answer yes I'm watching all your videos and getting great insight from you and Niel I plan on being the best ethical hacker big goals big shoes to fill but if Neil can do the same I can but as a ex-felon there's many issues thanks for the quick response "Dream Chasing catching all my goals"😜
Please consider Subscribing: studio.ruclips.net/channel/UC39GKRsNps38x7UzydcOZ9w
Follow me on Twitter: twitter.com/NielsenNTWKING
Chapters:
00:00 Introduction
00:57 What is Whonix?
01:33 How does Whonix Work?
04:50 Installing Whonix on Linux Hosts
09:50 Linux Post Install Configuration and Best Practices
18:32 Verifying Whonix and Tor Configuration
19:34 System check for IP Leakage and overall heath
21:00 Installing Whonix on Windows Hosts
22:07 Importing Whonix OVA into VirtualBox
23:20 Windows Post Install Configuration and Best Practices
28:58 Verifying Whonix and Tor Configuration
29:56 System check for IP Leakage and overall heath
31:00 Famous Last Words
Excellent video, my friend. You did whonix a lot more justice than I did trying to explain its role in the scheme of things in comments on your last video. Your videos articulate well and are approachable by most anyone, a great asset to the community and a helpful resource. Much appreciated
Thank you kindly for all the nice words!
Thanks. Well done. Keep posting videos.
Thank you,this is the perfect environment to run Maltego for your OSINT investigations!!
Can a government not order investigation of tor nodes located in their country ??
@@ytg6663i’m pretty sure they run most of the tor nodes by now.
@@ytg6663they could but it would take a massive amount of investigation to do so and would be very time consuming and costly. They'd have to start with an exit node in Tor which is usually going to be a rather large organization with probably thousands of not tens to hundreds of thousands of IPs before going back through the next node then on to the guard node, repeating the process through each node, and that's before even getting back to Whonix.
@ytg6663 Yes maybe but I think it would be very difficult as the proxies are scattered...however whoever controls the exit node might see yout data...
@@phillydee3592 Whats the difference between something like this and vim or nano /etc/proxychains.conf
This is a good presentation my friend . Good information.
Thank you kindly
Seems interesting. I'll try it asap. Great video
A big thank you for your very detailed tutorial!!! Its very interesting and clear👍🏻👍🏻👍🏻👍🏻👍🏻👍🏻
Thank you, glad to hear it was helpful!
Have you considered switching up your anonymity portion and incorporating the new node system setup by the members of The cult of the dead cow called Veilid?
Not at this time, but I may put out a video on Veilid in the future.
Great Job
Is whonix better tan tailsOS? you should make a difference video about these two OS's
Tails is meant to be installed on removable media, and is suitable for scenarios where you want a portable and disposable solution, such as using it on different computers without leaving any trace. Whonix, being a virtual machine setup, is more suitable for a dedicated system where you want a more persistent environment.
Thanks for it good job
Installing Linux on whonix Would this be perfect for anonymously hacking testing?
Hey !Thx for sharing knowledge!
I am always wondering , like we are hiding our IP with all them different techniques, but doesn't our MAC address get leaked ? I mean IP is changged to something else, but what about MAC address ? Can't it be traced as well as an IP ? As I know network cards MAC is unique and it is shared in sent packets at some layer.
Pretty new in this area and a bit confused. If you could shed some light on that, would appreciate it a lot .
Mac can be spoofed
Whonix safeguards against IP leaks through its two-VM design, directing all traffic through the Tor network and isolating the Gateway for Tor connection. The system incorporates MAC address randomization, adding an extra layer of privacy by making it challenging to trace network traffic back to a specific device. By default, Whonix configures network filter settings to ensure that only the Tor network is utilized, reducing the risk of accidental leaks. While MAC addresses are unique and shared in packets, Whonix's measures minimize the potential for MAC address leakage, enhancing overall privacy and security for users navigating the Tor network.
Hey! Thx for a swift reply! You're awesome !
So Whonix does the job of MAC spoofing, thats cool. Do you think if spoofing your MAC manually would add any extra protection ? And also seen some guys getting rid of WHONIX workspace machine and setting up Kali instead to run through Whonix gateway. Does it reduce privacy in any way ? @@NNAdmin
HOW DO I USE IT ON A CHROMEBOOK?
Hey I’m also Danish!!!
Just picturing all the confused people reading this comment. Sorry, I had a squirrel moment. Scandinavian’s are a rare sight outside of Scandinavia. Those Irish though they are everrrrrywhere. Lol😂
Very informal
What's the difference between this and using kali and proxychains + tor ?
Whonix not only routes all system traffic through the Tor network but also isolates networking components into separate virtual machines, providing a stronger defense against potential leaks. Additionally, Whonix includes features like stream isolation and secure defaults for applications, enhancing overall privacy and security. These comprehensive measures go beyond the capabilities of proxychains alone, offering a more thorough and effective solution for anonymous and secure web browsing.
@@NNAdmin thanks a lot !
@@NNAdmin Is this more secure than running a TOR enabled proxy chains over a VPN? Great video btw
I'd like to know the answer to this question
I mostly preferred tails os because I only comment on websites that allow anonymous comment which doesn't require account.
You do you :)
Does Tails OS not acomplish this. And from a USB stick?
See my previous replies on this question.
Hello bro, when I'm changing the sudo passwd user Its seems wrong... I don't know how to change :(
I don't really understand the question you have?
do we need to install on a virtual machine or host machine??
Since whonix itself is a set of virtual machines, as shown in the video you have the gateway and then you have the workstation, you typically want to install whonix on your bare metal host. That is best practice and most reliable. You can try to install whonix within a virtual machine, but performance and reliability will become a concern. That type of setup is called nested virtualization. It works for some people in some situations, but it depends mostly on your system and your setup
@@4b5urd. Thnkx 👍
@itsm3dud39
Whonix requires a hypervisor for its operation, with the most commonly used being a Type 2 hypervisor that necessitates a host operating system. While it is possible to install Whonix on bare metal using a Type 1 hypervisor like ESXi, Hyper-V, or Xen, this can be challenging based on my experience. Alternatively, a more straightforward approach is to install Kali or Fedora on a bare metal host and use VirtualBox as the hypervisor. This setup is user-friendly and effective. However, if you prefer VMWare Workstation, KVM, or another hypervisor, those are viable options as well.
👍@@NNAdmin
This is not for native linux system?
Whonix is not a standalone operating system; instead, it is an operating system distribution based on Debian GNU/Linux. Specifically, Whonix is designed to run as a set of virtual machines on a host system.
💚💚💚💚
hey, am i the only one who did not get a setup wizard after initial bootup?
I am not sure what you're referencing, can you explain what you're doing and what you have tried to do to resolve the issue?
Wow
Wow is good right?¿ :P
why whonix is better then tails???😮
Each has it's own place in the anonymity world, as does Anonym.OS, Qubes, etc. Tails is meant to be installed on removable media, and is suitable for scenarios where you want a portable and disposable solution, such as using it on different computers without leaving any trace. Whonix, being a virtual machine setup, is more suitable for a dedicated system where you want a more persistent environment.
VirtualBox is Microsoft's answer but it is limited crappy software. Whonix isn't that good if used by beginners. Now your privacy is at risk because you put all responsibility at the users end not to do anything stupid. Tor is a huge security risk for newbies so be aware of that.
My personal preference is workstation > pfsense ( squid, etc... ) > local server ( tor, i2p, ... ) > pfsense > internet. Without virfualization because this is bad. If you use hardware you physically enforce your setup and your workstation is offloaded. Need an add blocker? Don't install that on your workstation but on the router. Etc... Balance your load over devices and separate your concerns. Tor is the anonymity, pfsense your privacy and firewall, workstation the browser.
I don't use tor for normal browsing. But when I follow a tor link instead of hitting a wall pfsense detects it and forwards the request to the appropriate local server. Similar setup can be used for I2P server.
Thanks for sharing your detailed setup! It's great to see diverse approaches to privacy and security. Your emphasis on physical enforcement, load balancing, and specific use of Tor adds interesting layers to your setup.
However, it's worth noting that the complexity of your configuration might pose challenges for less experienced users. While Whonix has its own strengths and weaknesses, your setup, too, requires careful configuration and maintenance.
Also, just a quick clarification: VirtualBox is maintained by Oracle, not Microsoft. Nonetheless, the choice between hardware and virtualization is subjective and depends on individual needs.
In the end, the 'best' setup varies based on one's threat model and comfort level. Regular updates, good security practices, and staying informed about potential risks are key, regardless of the chosen approach. Thanks again for sharing your insights!
@@NNAdmin thanks for your reply and corrections. I got confused with the vm part. Although not open source i prefer vmware.
When watching your videos I realized the linux part was a bit below my level. I like to see myself as a simple ordinary user that just wants complete control over my system. I kind of got there with windows XP running it from ramdisks and what not but when I tried to use win7 I realized MS was doing everything they could to make my life hard. Things only got worse from there. I then switched to linux and all my issues dissapeared. Nowadays when I see people using windows I am confused. This is really odd, I used to be an expert with XP, what happened there?
I use linux because it is simple, straightforward and easy to learn. I am baffled why people use an OS like windows that is so difficult to configure and control. Unless it is XP I can't help anyone.
I am that kind of person that wants to look under the hood and know why the car drives. But I wasn't actually planning on driving it very far. My setup is a bit more complex but the best way to learn is to put knowledge into practice. I just see these things as fun projects.
Sounds like a honey pot... I just lobotomized win10
No sure what sounds like a honey pot, but nice job on the Windows box, maybe it will help it's performance. :P
Noice! You have a new subscriber! Good day Sir
Thanks for the sub!
I use Virt-manager which one i gotta download?
I don't use Virt-manager, but I would try the KVM installer/instructions.
Can you please get ahold of me if you could I tried to find you on LinkedIn and couldn't I have lots of questions I need some good advice
Hi , I don't take one on one question sessions, instead my goal is to build a community, so feel free to ask you questions here or in the member area.
@@NNAdmin thanks much to the quick answer yes I'm watching all your videos and getting great insight from you and Niel I plan on being the best ethical hacker big goals big shoes to fill but if Neil can do the same I can but as a ex-felon there's many issues thanks for the quick response "Dream Chasing catching all my goals"😜
@@alexstaufenbiel1016 bro no one is "best ethical hacker" lol, and also ethical hackers don't much use these things in real life...