Whonix

HEISENBERG


Whonix is a Debian-based Linux distribution. The name Whonix has been known since 2015; earlier, the project was called TorBOX. The essence of Whonix is that it consists of two operating systems. One of them is the Gateway, whose function is to route traffic through the Tor network; the second is the Workstation, which is completely isolated and can only access the network through the Gateway. The advantage of this combination is that no matter what the user does on the Workstation, and no matter what utilities, including malicious ones, they launch, it is impossible to expose the real IP address, simply because the Workstation does not know it.

When discussing Whonix, it is very frequently compared to Tails in matters of anonymity and security, but such a comparison would be incorrect, for several reasons:

  • Tails is mobile and optimized for use on removable media, while Whonix is used in most cases in a virtual machine;
  • By default, Tails forgets all changes after a reboot; Whonix does not, although this can be changed.

Installing Whonix.

We download Whonix, like any distribution, from the official site https://www.whonix.org/, where we will be offered four options: Windows, Linux, OS X and Qubes. Choose the desired operating system and the version with the XFCE graphical shell, or with no shell at all. After that, a download link and installation instructions will appear, along with a link to download VirtualBox. After the download is finished, click “Import” in VirtualBox and add the downloaded file with the *.ova extension, then click “Next” and set the operating system settings.

After the import is complete, two systems will be added to VirtualBox: Whonix Gateway and Whonix Workstation. Usually, they are already installed with optimal settings, so you can start right away. First launch the Gateway, then the Workstation. At the first start, a window will appear in both systems, in which we select “Understood” and click “Next”. In the second window that appears we repeat the same thing, after which the message “Whonix Setup is completed” will appear, and you can press “Finish”.

The “Anon Connection Wizard” window will appear on the Gateway, select “Connect” and click “Next” and then “Finish.” Now you need to wait until everything is set up, and you can work. The system may display a message that it has not been updated - do not worry about this, since you will still need to check for updates manually.


Setting up Whonix.

Now it's time to set everything up. And you need to start with updates. Open terminals in both windows and enter:

sudo apt-get update

sudo apt-get dist-upgrade -y


Then we enter the standard password:

changeme

We wait for both systems to be updated, which may take a long time. Once it finishes, we need to check that everything is in order; for this, we enter in the terminal:

whonixcheck


After execution, none of the items should contain the word "Warning". If one does, we repeat the process starting with the updates; if none does, everything is fine and we can move on.

Now it's time to change the root and user passwords. This can also be done on both systems. By default, both systems use the standard username user and password changeme. We need to enter:

sudo passwd root

We enter the default root password and then a new one twice, then repeat the same thing with the user account.



Now let's update Tor Browser; for this, we enter in the terminal:

update-torbrowser

Further setup is very situational: it depends on your needs and comes down to installing and configuring the appropriate software, which is practically absent in this OS, so everyone can install what they want.

Hiding Tor usage.

The use of the Tor network can be hidden. There are three ways to hide it, all of them using a VPN. Tor usage can be hidden at the beginning of the connection, thus achieving invisibility from your ISP. Or it can be hidden at the end, so that the use of Tor is hidden from the final site. It is also possible to do both.

Whonix > VPN > Tor > Internet

In this scheme, all traffic first passes through the VPN connection, after which it connects to the Tor network, not from your IP address but from the address of the VPN server. As a result, the provider does not know that you are using Tor.

All packets from your IP go to the address of the VPN server rather than to an address belonging to the Tor network; in addition, VPN traffic is usually encrypted. Another plus is that the connection to the Tor entry node comes from the VPN server address, not from your real IP.

This can be done by running a VPN connection on the host system: all traffic generated by it, including Whonix traffic, will go into the VPN tunnel and only then reach its destination. You can also set up a VPN connection directly on the Whonix-Gateway; the effect will be the same. But it is better to use the VPN option on the host system.

Whonix > Tor > VPN > Internet

In this scheme, all traffic generated by Whonix will go directly to Tor from your address. When leaving the Tor network, it will enter the VPN tunnel and go from the VPN server into the open network. As a result, the Tor address is hidden from the final site. Some sites and online services dislike Tor and do not allow its users, but this prohibition can be circumvented in this way.

This can be done by running a VPN connection on the Whonix-Workstation. Since the workstation does not have its own Internet connection, but only goes outside from Tor addresses, the VPN connection launched on it will connect to its server from the Tor address.

Then the packets will get into the open network from the VPN server address. In addition, the encrypted connection protects against interception of packets on the Tor exit node; it is known that some owners of exit nodes like to do this.

Whonix > VPN > Tor > VPN > Internet

This method combines the previous two; it is the most expensive, but also the most profitable. The VPN must be active on two systems at the same time.
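The two checks from "Setting up Whonix" (no "Warning" in the whonixcheck output, and the default password changeme replaced for root and user), as an added example that is not part of the original post. The function names are hypothetical, the case-insensitive match is an assumption about how whonixcheck spells its warnings, and perl is assumed to be installed for crypt(3).

```shell
#!/bin/sh
# Added example: post-setup checks, run as the normal user inside the
# Gateway and again inside the Workstation.

DEFAULT_PW='changeme'   # default password named in the post

# Print every line of whonixcheck output (stdin) that mentions a warning.
# Case-insensitive, so "Warning" and "WARNING" are both caught (assumption).
warning_lines() {
    grep -i 'warning' || true
}

# Exit status 0 if the shadow-format line in $1 still has the default password.
# Locked or empty hash fields (!, *, "") cannot match and count as changed.
has_default_password() {
    stored=$(printf '%s\n' "$1" | cut -d: -f2)
    case "$stored" in
        ''|'!'*|'*'*) return 1 ;;
    esac
    # crypt(3) re-hashes the candidate with the salt embedded in the stored hash.
    candidate=$(perl -e 'print crypt($ARGV[0], $ARGV[1]) // ""' "$DEFAULT_PW" "$stored")
    [ "$candidate" = "$stored" ]
}

# Full check; sudo is used only to read /etc/shadow. Non-zero on any finding.
post_setup_check() {
    rc=0
    warnings=$(whonixcheck 2>&1 | warning_lines)
    if [ -n "$warnings" ]; then
        printf 'whonixcheck warnings, repeat the update step:\n%s\n' "$warnings"
        rc=1
    fi
    for account in root user; do
        line=$(sudo grep "^${account}:" /etc/shadow) || continue
        if has_default_password "$line"; then
            printf 'account %s still uses the default password\n' "$account"
            rc=1
        fi
    done
    return "$rc"
}

# Run the check only when asked: sh post_setup_check.sh run
if [ "${1:-}" = "run" ]; then
    post_setup_check
fi
```
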