Documentation
This documentation is a crash course in anonymity and security on the Internet. Whonix is a technological means to anonymity, but staying anonymous is not just a technological problem; it is a complex problem without an easy solution. The more you know, the safer you can be.
Modern Privacy Threats
Whonix Overview
Whonix Development and License
Download Whonix
First Whonix Steps
Basic Security Guide
- Introduction
- Host Security
- Onionizing Repositories
- Operating System Software and Updates
- Passwords
- Qubes-Whonix Security
- Secure Command Line / Tor Browser Downloads
- System Hardening Checklist
- Time Attacks
- Tor Versioning
- Verifying Software Signatures
- Virtualization Platform Security
- Whonix-Gateway Security
- Whonix-Workstation Security
- Whonix and Tor Limitations
Advanced Security Guide
- Introduction
- Chaining Anonymizing Gateways
- Full Disk Encryption and Encrypted Images
- Host Firewall
- Host Security
- Network Time Synchronization
- Operating System Hardening
- Protection Against Physical Attacks
- Transporting UDP Tunnels over Tor
- whonixcheck Hardening
- Whonix-Gateway Hardening
- Whonix-Workstation Hardening
Computer Security Education
- Introduction
- Core Dumps
- Firmware Security and Updates
- Hardware Threat Minimization
- Hostnames
- Host Firewall Basics
- Host Operating System Selection
- MAC Address
- Malware and Firmware Trojans
- Open-source Hardware
- Out-of-band Management Technology
- Router and Local Area Network Security
- System Configuration and Access
- TCP and ICMP Timestamps
Whonix Bugs
Anonymous Browsing
Anonymous Email and Messengers
Anonymous Filesharing, Money and Other Services
- Anonymous Money and Payments (Draft)
- Filesharing and BitTorrent
- Phone Calls and VoIP (Experimental)
- Remote Administration
- rss Reader (Under Development) and Website / Blog Updates Subscription
- Usenet NNTP, News Reader, alt.anonymous.messages, Nym server URL Retrieval
- YaCy Decentralized Search Engine
Anonymous Internet Connections and Hosting
Encryption and Privacy
Whonix Software Tools
Work on Sensitive Documents
Tunnel and Chaining Support
- Chaining Anonymizing Gateways (Experts Only)
- Functional Whonix VPN Examples for Testing (Free)
- Possible Combined Pre- and Post-Tor Tunnels
User->Proxy / SSH / VPN->Tor->Proxy / SSH / VPN->Internet
- Tor Comparison with Proxies, Proxy Chains and VPNs
- Tunnel Proxy / Proxychains / SSH / VPN Through Tor
- Tunnel Tor Through a Proxy, VPN or SSH
Support or Contact Whonix
Other Whonix Resources
Non-Qubes-Whonix Only
- Non-Qubes-Whonix means all Whonix platforms except Qubes-Whonix. This includes KVM, VirtualBox and Physical Isolation.
- Change the Keyboard Layout
- Change the System Language
- Download the Whonix Signing Key
- Non-Qubes-Whonix Known Bugs
- RAM Adjusted Desktop Starter
- Verify Whonix Images
- VirtualBox-Specific
Advanced: Esoteric Issues
- Access Whonix-Gateway Ports from the Host, and Make Tor Accessible Running Inside Whonix-Gateway on the Host
- Enable the Global System DNS Resolver on Whonix-Gateway (Unrecommended)
- Enable Transparent Proxying for Whonix-Gateway's Own Traffic
- Unfinished: Censorship Circumvention Tools Other than Bridges
Advanced: File Transfers and SSH / SSHFS
- Add a USB Device to VirtualBox
- Mount and Inspect Images (IMG, VDI)
- Security Overview
- Shared Folders
- SSH or SSHFS into Whonix-Gateway
- SSH or SSHFS into Whonix-Workstation
- SSHFS into Whonix-Workstation (Standalone Instructions)
- Transfer Files from the Host into Whonix-Gateway or Whonix-Workstation via ISO images
Advanced: Miscellaneous
Advanced: Platform Support
Advanced: Tor
- Authenticated DNS / DNSSEC over Tor
- Configure Tor's SocksProxy in Whonix-Workstation: see Stream Isolation
- Encrypted DNS / DNSCrypt / httpsdnsd over Tor
- Hide Tor and Whonix Usage
- Host a (Private) (Obfuscated) Bridge or (Exit) Relay
- Protect against Identity Correlation via Circuit Sharing: see Stream Isolation
- Tor
- Tor Gateway Connections on the Local Network with a PPTP VPN
- Transport UDP Tunnels over Tor with a VPN
Advanced: Whonix-specific
- Backups and Restore
- Builds
- Configuration Files
- Design
- Desktop Environments
- Firewalls
- Multiple Instances
- Operating Systems
- Repositories and Packages
- Whonix Miscellaneous
Appendix
- Back-up Whonix
- Browsers
- Documentation
- Debian
- Forum
- Tor
- ExoneraTor: a Website Tool to Check for Tor Relay IP Addresses
- Tor Compass
- Tor Metrics Portal
- Tor Project Onion Services List (.onion)
- Whonix-specific
- Force .onion on Whonix.org
- sdwdate - Secure Distributed Web Date (Homepage)
- Security Reviews and Feedback
- Tor Browser without Tor
- Whonix Mentions in Press, Blogs, Youtube Videos, and Social Media
- Whonix Packages for Debian Hosts and Whonix Host Enhancements
- Whonix Portal
- Whonix Project Activities: Innovation, Cooperation and Education
License[edit]
Whonix Documentation wiki page Copyright (C) Amnesia <amnesia at boum dot org>
Whonix Documentation wiki page Copyright (C) 2012 - 2018 ENCRYPTED SUPPORT LP <adrelanos@riseup.net>
This program comes with ABSOLUTELY NO WARRANTY; for details see the wiki source code.
This is free software, and you are welcome to redistribute it under certain conditions; see the wiki source code for details.
Are you proficient with iptables? Want to contribute? Check out possible improvements to iptables. Please come and introduce yourself in the development forum.
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.
Whonix is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Libre Software license as Whonix itself. (Why?)