If you are a Whonix user this guide may be useful for you. Sometimes when I want to torify whole traffic from a virtual system I am using Whonix Gateway virtual machine. For people who haven’t use Whonix yet here is a short description with links:
Whonix ™ consists of two VMs: the Whonix-Gateway ™ and the Whonix-Workstation ™. The former runs Tor processes and acts as a gateway, while the latter runs user applications on a completely isolated network.
So sometimes in my virtual lab I want to use standard Linux distribution instead of the Whonix Workstation. There is a quite nice documentation about setting up a network in other operating systems. There is also section about Ubuntu, but since network configuration is now based on netplan, the wiki entry didn’t work for me. I set it up by myself, and decided to share the configuration steps. I did it on Xubuntu 22.04.
First, run the following set of commands to disable the
sudo systemctl stop NetworkManager
Next, start and enable the
sudo systemctl unmask systemd-networkd.service
edit conf file:
sudo nano /etc/netplan/01-network-manager-all.yaml
Your config should look like the one below:
enp0s3 is the name of your network adapter and apply new configuration:
sudo netplan apply
then shutdown the system.
In Virtual Box configuration for the virtual machine with Xubuntu choose network as
Internal Network and name choose
Whonix. (I guess you already have imported Whonix Gateway and know how to use it.)
Turn on the Gateway and your Xubuntu and that’s all. All the traffic from the Xubuntu machine is now passed through Whonix Gateway and “torified”.
Remember that Whonix Workstation has more security settings implemented, so you should harden your custom workstation for better security, privacy and anonymity. Check some cool comparison and read about More Security or Even More Security to make your custom workstation even better.
Basic steps would be to set some Firefox settings (hardening). Go to
about:config and change some options. Of course all depends on your needs, but below you can find some suggestions.
Disable Firefox Screenshots extension
Delete the URL for
toolkit.telemetry.server, and leave it empty.
Disable Firefox account features
Disable geolocation support
Disable notification support
Resist browser fingerprinting
Disable clipboard events
Of course go to standard Firefox setting available from GUI and change some options too, like clear history and cookie every time when Firefox is closed etc.
If you would like to use Tor Browser on custom Whonix Workstation, don’t forget to set it up correctly to avoid Tor Over Tor scenario.