Dear Qubes community, i am interested in your ideas on how you would set up a Qube as secure as possible to connect to a single ordinary internet site (not a VPN network) accessed directly via its IP address.
My ideas are: 1) Edit the Qube's firewall via dom0 as follows: $dom0: qvm-firewall NAME-OF-QUBE del --rule-no 0 $dom0: qvm-firewall NAME-OF-QUBE add --before 0 drop $dom0: qvm-firewall NAME-OF-QUBE add --before 0 accept 127.127.127.127/32 proto=tcp 443 2) Go into the dom0-Qube settings and turn on the disable-dns-server service. With these two settings, there should really be no DNS traffic anymore, right? What else would you do? Best wishes Michael Singer -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a836d9db-51c0-8f4b-cfc0-ea7eab3a5d55%40posteo.de.
