Using Mint 19.1 Cinnamon as base, I wanted to try to use Virtualization to create more secure OS.
Not having started this yet, I wanted to ask. What kind of software should I add to the Base Linux (Base Linux which does the internet communication, driver hardware?)
Anything I should remove, as it might save to cloud?
Like Firewalls, malware protection? Is there yet an Encrypted DNS, which I can lock onto, not allow a substitute DNS?
As you can guess, I am preparing an initial install.
Would anyone suggest an alternate Linux Stub to base my virtual machine on? (Something other than Mint Linux.)
Thanks for reading, and for those who take the time to reply.
Virtualization for security.
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
-
- Level 1
- Posts: 14
- Joined: Tue Jul 10, 2018 9:43 am
Virtualization for security.
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
- Pjotr
- Level 24
- Posts: 20052
- Joined: Mon Mar 07, 2011 10:18 am
- Location: The Netherlands (Holland) 🇳🇱
- Contact:
Re: Virtualization for security.
Firejail is a fine sandboxing application, ideal for your web browsers:
https://easylinuxtipsproject.blogspot.c ... ndbox.html
You might find this article interesting, that I've written about security in Linux Mint:
https://easylinuxtipsproject.blogspot.c ... urity.html
https://easylinuxtipsproject.blogspot.c ... ndbox.html
You might find this article interesting, that I've written about security in Linux Mint:
https://easylinuxtipsproject.blogspot.c ... urity.html
Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Re: Virtualization for security.
Firejail makes a lot of sense as it will sandbox your browser and any other apps you use to go online.Pjotr wrote: ⤴Sun Feb 10, 2019 11:28 am Firejail is a fine sandboxing application, ideal for your web browsers:
https://easylinuxtipsproject.blogspot.c ... ndbox.html
You might find this article interesting, that I've written about security in Linux Mint:
https://easylinuxtipsproject.blogspot.c ... urity.html
Although a VM will give you the benefit of sandboxing you can take a performance hit - so to my way of thinking Firejail is the best of both worlds - sandbox like a VM and no performance hit. VMs are great IMO for that Windows app that you need occasionally that there is just not a satisfactory native linux substitute.
There are several ways to accomplish encrypted DNS and to prevent DNS leak.
DNScrypt - I haven't used this method for a while but when I did it was very effective.
There is a HOWTO thread for DNScrypt on this forum
viewtopic.php?t=270777
VPN - This can depend on the vpn provider - some providers do not do a good job of encrypting your DNS queries and let your DNS queries go to your ISP un-encrypted.I use Private Tunnel which I like and tested and found it does send my DNS requests encrypted to it's servers. So if you go the VPN route you would need to research which VPN would encrypt your DNS.
https://www.privatetunnel.com/
PiHole - This is my favorite and what I am using now. This takes a little effort but well worth it IMHO. PiHole is a great add blocker as well as blocking other bad actors before they even get to your browser which improves your browser performance. As well you can configure DNS over HTTPS (DoH) to Cloudflare DNS servers for added protection. This gives you several advantages - performance, add blocking, malware etc. protection, just plain bad actor protection, encrypted DNS and preventing DNS leak. I did set up PiHole on a VM for testing and it worked fine so that could be an approach. But in the end I decided to run PiHole on an old laptop running LMDE - PiHole will run on any Debian based OS to include Ubuntu and Mint - you can even get a little RaspberryPi for ~ $100 and run it on that.
https://pi-hole.net/
https://docs.pi-hole.net/guides/dns-over-https/
-
- Level 1
- Posts: 14
- Joined: Tue Jul 10, 2018 9:43 am
Re: Virtualization for security.
Looks like excellent knowledge. I will take some time to work on this, but not right now. I have a doctors visit coming up, where likely I will catch the Flu I have avoided so far. Thanks for the advice.