Linux VM on Windows 10

Discussion in 'Linux Compatibility and Software' started by Starlight5, Mar 9, 2018.

  1. Starlight5

    Starlight5 So what if I'm crazy? The best people are.

    Reputations:
    317
    Messages:
    2,508
    Likes Received:
    1,080
    Trophy Points:
    181
    Would someone please kindly recommend a good, tried & tested guide on implementing VPN killswitch which also protects from DNS leaks on Linux? I googled a few, implemented this one but all I got is total loss of DNS connectivity as a result. A number of typos should have scared me off right away. )'=
     
    Last edited: Mar 12, 2018
  2. Hossbando

    Hossbando Notebook Enthusiast

    Reputations:
    5
    Messages:
    40
    Likes Received:
    7
    Trophy Points:
    16
    Windows is insecure. I would recommend a solid *nix distro as your base, then a mint VM and a windows VM for your different use-cases.
     
    jclausius likes this.
  3. Dennismungai

    Dennismungai Notebook Evangelist

    Reputations:
    202
    Messages:
    453
    Likes Received:
    326
    Trophy Points:
    76
    Hello there,

    I would NOT recommend using iptables directly on an environment where firewall rules cannot be validated on the spot. It is entirely possible to configure iptables into an invalid state. You might even get locked out of your machine (over SSH, etc) when setting up iptables rules.

    iptables is powerful, like a loaded gun. The kind you don't want pointed at you, and for that reason, I'd recommend ufw over using iptables directly.

    Why?

    Because ufw will not allow an invalid state on iptables.

    Now, to your question:

    Take a look at this:

    1. Arch wiki's guide on simple stateful firewalls: https://wiki.archlinux.org/index.php/simple_stateful_firewall

    And with that understanding, proceed to:

    2. Using ufw to create a working VPN killswitch: https://gist.github.com/Necklaces/18b68e80bf929ef99312b2d90d0cded2
     
    Vasudev and Starlight5 like this.
  4. Starlight5

    Starlight5 So what if I'm crazy? The best people are.

    Reputations:
    317
    Messages:
    2,508
    Likes Received:
    1,080
    Trophy Points:
    181
    @Dennismungai thank you. I ended up getting rid of VMs, and just running everything on Windows, with couple apps bypassing VPN with the help of ForceBindIP64.
     
    Vasudev and jclausius like this.
  5. Dennismungai

    Dennismungai Notebook Evangelist

    Reputations:
    202
    Messages:
    453
    Likes Received:
    326
    Trophy Points:
    76
    Nice! You've got it working the way you want it to, and that's what matters! Your needs, and your privacy first.
     
    Vasudev, jclausius and Starlight5 like this.
  6. Dennismungai

    Dennismungai Notebook Evangelist

    Reputations:
    202
    Messages:
    453
    Likes Received:
    326
    Trophy Points:
    76
    The same could be said of any operating system.

    How a computing platform is set up matters more than what's running on it, from a security perspective.

    Flagging *nix-based distros as inherently secure is an extension of security by obscurity. Implementation details matter, even where one platform may inherently be more secure by default.

    A non existent firewall, outdated software, and bad user behavior(s) will not keep you secure just because you're on Linux.

    Secondly, there's the issue of hardware support. If a user is able to meet his/her needs by virtualization rather than a bare metal installation, its' all well and good.

    Linux, despite best efforts, will always lag behind proprietary operating systems in terms of hardware support (and usability). And that will be the trend for perhaps the coming decade or thereabouts.
     
    Vasudev and Starlight5 like this.
  7. Hossbando

    Hossbando Notebook Enthusiast

    Reputations:
    5
    Messages:
    40
    Likes Received:
    7
    Trophy Points:
    16
    Open source programmers don't have a tendency to write backdoors into their code.
     
  8. Jarhead

    Jarhead 恋の♡アカサタナ

    Reputations:
    4,891
    Messages:
    12,052
    Likes Received:
    2,810
    Trophy Points:
    581
    As someone who writes both open and closed code, people who write closed code tend not to as well (its bad for business, especially in niche software).

    In addition to what Dennis said, you also have to keep in mind that even if you have a perfect OS, the rest of the software/hardware you use might not be perfectly secure. No good if you have the Best OS if your router is leaking all your activity, or if someone sneaks in a hardware keylogger on your system, if you use a secure system insecurely (logging into Facebook while on Tor, for example, etc).

    The security of the user is far just as important, if not more so, than the security of the system. You are the weakest link in security.
     
    jclausius and Vasudev like this.
  9. Hossbando

    Hossbando Notebook Enthusiast

    Reputations:
    5
    Messages:
    40
    Likes Received:
    7
    Trophy Points:
    16
    You can have open source software that's audited by thousands upon thousands of professionals, and used in countless implementations which require far higher security than the average person could ever need, for free, or you can rely on the guy with dollar signs in his head saying "Trust me." That's an easy choice to make.
     
    Vasudev likes this.
  10. Hossbando

    Hossbando Notebook Enthusiast

    Reputations:
    5
    Messages:
    40
    Likes Received:
    7
    Trophy Points:
    16
    "Telemetry."
     
Loading...

Share This Page