Don
Whonix is an anonymous general purpose operating system based on Virtual Box, Debian GNU/Linux and Tor. By Whonix design, IP and DNS leaks are impossible. Not even malware with root rights can find out the user's real IP/location.
This is because Whonix consists of two (virtual) machines. One machine solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other machine, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible.
This is only a very brief introduction. See Documentation and/or Technical Design for a more comprehensive description, security features and threat model. To find out how secure/anonymous Whonix is, see Security Overview.
Whonix is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.|
Read More...http://sourceforge.net/p/whonix/wiki/Home/
This is a wiki. Want to improve this page? Contact us!
Whonix Features
Whonix is an Anonymous Operating System. It hides your IP/location and uses Tor to anonymize your data traffic. This means that neither the contacted server, nor any eavesdropper on your connections, nor the operators of the Tor network themselves can realize which webservice you use.
Basically all programs can used together with Whonix.
- For web browsing, Tor Browser is included.
- Messengers, like Pidgin, with the Jabber protocol and the OTR plugin.
- Privacy friendly e-mail client: Mozilla Thunderbird with TorBirdy
- scp for secure data transfer from and to a server.
- Unobserved administration of servers via SSH
- Web servers: Apache, ngnix, IRC servers, etc. via Hidden Services
- Other programs...
It is possible, with the help of Whonix, to use applications via Tor, which are not capable of proxy support by themselves.
Everything is explained in [Documentation].
Feature List
Adobe Flash anonymously Browse The Web Anonymously Anonymous IRC Anonymous Publishing Anonymous E-Mail with Mozilla Thunderbird and TorBirdy Add a proxy behind Tor (Tor -> proxy) Based on Debian GNU/Linux. Based on the Tor anonymity network. Based on Virtual Box. Can torify almost any application. Can torify any operating system Can torify Windows. Chat anonymously. Circumvent Censorship. DNSSEC over Tor ¹ Encrypted DNS ¹ Encrypted Communication Full IP/DNS protocol leak protection. Hide the fact that you are using Tor ¹ Hide the fact you are using Whonix Hide installed software from ISP Isolating Proxy Java anonymously Javascript anonymously Location/IP hidden servers Mixmaster over Tor Prevents anyone from learning your IP. Prevents anyone from learning your physical location. Private obfuscated bridges supported. Protects your privacy. Protocol-Leak-Protection and Fingerprinting-Protection Secure And Distributed Time Synchronization Mechanism Security by Isolation Send Anonymous E-mails without registration Stream isolation to prevent identity correlation through circuit sharing Virtual Machine Images VPN/Tunnel Support Whonix is produced independently from the Tor (r) anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else. Transparent Proxy Tunnel Freenet through Tor Tunnel i2p through Tor Tunnel JonDonym through Tor Tunnel Proxy through Tor Tunnel Retroshare through Tor Tunnel SSH through Tor Tunnel UDP over Tor ¹ Tunnel VPN through Tor Tor enforcement TorChat ¹ Free Software, Libre Software, Open Source ¹ via Optional Configuration
Advantages of Whonix
- All applications, including those, which do not support proxy settings, will automatically be routed through Tor.^1^ ^2^ ^3^ ^4^
- Installation of any software package possible.^12^
- Safe hosting of Hidden services possible. ^13^
- Protection against side channel attacks, no IP or DNS leaks possible. ^16^
- Advantage over Live CD's: Tor's data directory is still available after reboot, due to persistent storage. Tor requires persistent storage to save it's Entry Guards.
- Java / JavaScript^15^ / flash / Browser Plugins^9^ / misconfigured applications cannot leak your real external IP. See Whonix security in real world.
- Protection against IP/location discovery through root exploits (Malware with root rights) inside Whonix-Workstation. But you really should not test it, read footnote ^a^ and follow links mentioned in footnote ^a^.
- Uses only Free Software.
- Building Whonix from source is easy, see [BuildDocumentation].
- Tor+Vidalia^10^ and Tor Browser are not running inside the same machine. That means that for example an exploit in the browser can't affect the integrity of the Tor process.
- It is possible to use Whonix in conjunction with VPNs, ssh and other proxies. But see Tor plus VPN/proxies Warning. Everything possible, as first chain or last chain, or both.
- Loads of [Features].
- Loads of Optional Configurations (additional features / Add-Ons) available.
- Best possible Protocol-Leak-Protection and Fingerprinting-Protection.
- Private obfuscated [Bridges] can be added to /etc/tor/torrc.
- Whonix-Gateway can also torify Windows, see [OtherOperatingSystems].
Disadvantages of Whonix
- More difficult to set up compared to the regular Tor Browser Bundle.
- Needs virtual machines or spare hardware.
- Updating OS and applications behind the Tor proxy is slow.
- Higher maintenance required.^14^
- Tor Button's New Identity button is not supported with Whonix, see Tor Browser for a workaround.
Footnotes
Read More...http://sourceforge.net/p/whonix/wiki/Features/
Download
First time user?
The default user is: user
The default password is: changeme
- If you don't know what a metadata or a man-in-the-middle attack is.
- If you think no-one can eavesdrop on your communications because you are using Tor.
- If you have no notion on how Whonix works.
Then, check first the [About] and [Warning] pages to make sure that Whonix is the right tool for you and that you understand well its limitations.
Download Whonix virtual machine images
The default user is: user
The default password is: changeme
Download Whonix 0.5.6 from sourceforge.net
Verify the Whonix virtual machine images
It is important to check the integrity of the virtual machine images you downloaded to make sure no man in the middle attack or file corruption happened. (See [DownloadSecurity].)
Whonix virtual machine images are cryptographically signed using OpenPGP by Whonix developer adrelanos. OpenPGP is a standard for data encryption that provides cryptographic privacy and authentication through the use of keys owned by its users.
If you already know how to use an OpenPGP key you can download the Whonix signing key and the Whonix signatures straight away.
Otherwise, read our instructions to check the virtual machine images integrity:
- Using Linux: Ubuntu, Debian, Whonix, etc. using kgpg
- Using Linux with the command line
- Using other operating systems
Whonix signing key
You can learn about the signing key on the Trusting Whonix Signing Key page.
Whonix signature
Go there..
http://sourceforge.net/p/whonix/wiki/Download/
1. Pre Install Advice
Read and apply: Security Advice before installing Whonix.
2. Install
Just import both Whonix .ova images into Virtual Box. Do not change any settings! (You could do that later.) Do not change MAC address!
The .ova images should be imported into Virtual Box. There is also highly experimental support for [VMware], but only Virtual Box is fully supported, rather use Virtual Box.
If you need more help with Installing
There is a tutorial with screenshots, see [Install].
There are also Video Tutorials.
If you still need help, please go to the User Help Forum.
Read more...
http://sourceforge.net/p/whonix/wiki/Download/#verify-the-whonix-virtual-machine-images
(1). Install and start Virtual Box. Click on File -> Import Appliance...
(2). Click on Choose.
Read More...
http://sourceforge.net/p/whonix/wiki/Install/
Post Install Advice
On Whonix-Gateway and Whonix-Workstation
Change Passwords
The default user is: user
The default password is: changeme
Immediately change it!
Login as root:
sudo su
Change root and user password:
passwd passwd user
and follow the instructions.
Security Updates
Regularly check for security updates and apply them with:
sudo apt-get update && sudo apt-get dist-upgrade
Network Time Syncing
Don't wonder... To prevent against time zone leaks, the system clock inside Whonix was set to UTC. This means it may be a few hours before or ahead of your host system clock. Do not change!
Don't use the suspend/safe/resume feature of Virtual Box, unless you understood the Network Time Synchronization chapter from the Advanced Security Guide.
If your host clock is more than 1 hour in past or more than 3 hour in future, Tor can't connect. In this case fix your host clock manually (right click on clock). (Check for empty battery.) Then power off Whonix-Gateway and power Whonix-Gateway on again, Tor should be able to connect again. If your host clock is even more off, you could get into trouble updating your host operating system so have an eye on it that it's somewhat accurate.
This chapter is supposed to be as simple and short as possible to provide basic protection. You can archive more security if you understand the Network Time Synchronization chapter from the Advanced Security Guide.
Security Guide
You can further improve the security, see the Security Guide.
Read More...
http://sourceforge.net/p/whonix/wiki/Post%20Install%20Advice/
Videos
Go there...
http://sourceforge.net/p/whonix/wiki/Videos/
Whonix Linux is an Anonymous General Purpose Operating System Based on Virtual Box Debian GNU Linux and Tor
- Whonix - Google Search
- Whonix / Documentation / Home
- Whonix / Documentation / Home
- Whonix / Documentation / Features
- Whonix / Documentation / Download
- Whonix / Documentation / Videos
- Whonix / Documentation / Screenshots
- Whonix / Documentation / Documentation
- Whonix / Documentation / About
- Whonix / Documentation / Security Guide
- Whonix / Documentation / FAQ
- Whonix / User Help Forum / Forums
- Whonix / Documentation / Contact
- Whonix / Documentation / Download
- Whonix - Browse /whonix-0.5.6 at SourceForge.net
- Whonix - Browse /whonix-0.5.6-sig at SourceForge.net
- Whonix / Documentation / Download
- Whonix / Documentation / Post Install Advice
- Whonix / Documentation / DownloadSecurity
- Whonix / Documentation / Install
- Whonix / Documentation / Download
- Whonix / Documentation / Download
0 comments:
Post a Comment