zlacker

[return to "What Is Qubes OS?"]
1. neodym+Cl[view] [source] 2022-07-09 19:02:33
>>LinuxB+(OP)
Maybe this isn't the best place to ask this, but I'll try anyway:

I'm a consultant involved in cybersecurity who often has to build and run VMs to either test out software, run things in sandbox, or connect to TOR from a VM I'll never use again.

Having said that, I currently use Windows with VMWare Workstation, but I find it frustrating and would prefer something that's less frustrating and feels more built-in.

Is there a solution that anyone would recommend for this kind of thing? Internal networks, Windows and Linux sandboxes, etc. I use Microsoft office products regularly, and my workstation (Dell Inspiron with an i9, 64GB ram, 2tb SSD) is connected to a thunderbolt 4 dock with 2 1440 monitors. I'd prefer for a Windows VM to have passthrough to the monitors and be able to interact with the host OS via that VM, so I can still share my screen during meetings and while coordinating efforts.

◧◩
2. Dracop+0p[view] [source] 2022-07-09 19:29:00
>>neodym+Cl
I don't known of this works with all your criteria, but you might want to go with UnRaid or Proxmox or a Type 1 hypervisor like vSphere/ESXi or Xen.
◧◩◪
3. neodym+Sq[view] [source] 2022-07-09 19:41:56
>>Dracop+0p
Maybe Fedora with Xen is the route I should try, assuming I can give the Windows VM full GPU pass-through and use it as a "primary" machine. I need to be able to screenshare almost daily via Zoom.
◧◩◪◨
4. hsbaua+sx[view] [source] 2022-07-09 20:26:51
>>neodym+Sq
I use vbox regularly on a Linux host, it’s not seamless but it works okay. I have custom built vm images with packer that do things like enable auto login and disable screensaver (these don’t matter on a vm, your host is where they should happen). I don’t need gpu so the vbox drivers suffice, but if I did I would probably consider getting a quadro or something and doing pci pass through (not even sure if vbox supports this)

As a cautionary though, vms are a good boundary but not a comprehensive one. If your threat model includes execution of 0day exploits (malware analysis or browser exploit chains) that can breach hypervisor perimeters you shouldn’t be doing anything sensitive from the host. RDP is better, but iirc there are some case studies of execution on the rdp client.

[go to top]