Integrate WHONIX with Kali Linux to achieve anonymity
How to become anonymous is the most common question that everybody asks on the internet. There could be many reasons to be an anonymous user; you are a journalist, and you want to get in touch with a whistleblower, or maybe you just care about your privacy. Cyber security professionals want anonymity for black-box testing and many other purposes. Regardless the reason, the objective is to be anonymous.
You might have already heard many ways for example; using the VPN, or TOR browser for that matter. However, all of them have some weaknesses, and if exploited you will be getting caught. In this article, we will discuss the anonymous operating system called WHONIX and how to integrate it with Kali Linux?
What should you learn next?
What is Whonix and how it is different from the TOR browser?
According to Wikipedia:
"Whonix is a Debian GNU/Linux-based security-focused Linux distribution. It aims to provide privacy, security, and anonymity on the internet. The operating system consists of two virtual machines, a "Workstation" and a Tor "Gateway," running Debian GNU/Linux. All communications are forced through the Tor network to accomplish this."
The architecture is based on two VMs:
- Workstation
- Gateway
The gateway is responsible for directing the traffic through TOR network, so we can replace the workstation (which is the OS of Whonix) with Kali Linux, and thus all the traffic will route through the WHONIX gateway instead of your own ISP gateway (the ISP will see the encrypted traffic only).
In the above picture you can see that the host machine hosts two VMs, one is the actual workstation (browser, and other desktop apps) while the other one is the internet gateway. The workstation is in the isolated condition, and it does not even know the real IP of the host (it will be installed on the VirtualBox, and it can only communicate to the world through its gateway which is encrypted and uses TOR network). Thus, DNS leaks are also impossible, and not even malware with root privileges can find out the user's real IP.
Let's replace the Whonix Workstation with Kali Linux and connect it with the gateway to make it anonymous. Things you need:
Step 1: Import the WHONIX gateway
Click on File → Import appliance → Browse the WHONIX gateway → Next → Import → Accept
Once you have imported, start the newly imported gateway and wait till it loads all the components. Now, read the terms and go next:
On the next screen, check "I am ready to enable TOR" and then click next. Allow it to install the updates from WHONIX team automatically and then go next. Check the "Whonix stable repository" and then go to the next.
Finish the setup and wait till it loads the TOR network.
Once you see the pop-up that it connected to TOR, click on the reload TOR button available on the desktop to get a new identity. Every time you load, you will get a new identity.
You are done here. Now, it's time to configure the workstation (Kali Linux). We will be using the highlighted non-loopback address as a system IP.
Create a new virtual machine, select the appropriate version.
Assign the memory size, 1024 is good. Create the virtual hard disk, select VDI and then go to the next step. Dynamically allocated size is fair enough, considering you have sufficient space on your drive, let's start with 10GB. After creating the VM, click on Settings → System → Processor → Enable PAE/NX
Click on Network → Enable Network Adaptor → Attached to Internal network → Whonix
The Kali Linux will able to connect to the internet using the Whonix Gateway only. Click on Storage → Empty → Browse the Kali ISO image which you have downloaded → Click OK
Start the newly setup Kali VM. And click to install you can also see the live view if you want.
Provide the basic information and let it load all the components, the DHCP will not load itself because it is not directly connected to the internet.
Click on the continue button →Configure network manually → use the IP address which you have noted in the Whonix Gateway (highlighted above).
Click on the continue; it will automatically assign the netmask; it will also detect the gateway IP. Now, the DHCP will go smoothly. Provide the rest of the information and then finish the setup.
This is it. You have successfully connected the Kali Linux with the Whonix Gateway; start the machine, it will automatically direct the traffic through TOR network.
To understand how does TOR work and how it is different than VPN? I recommend you to take the "Journey to the Anonymity on the Internet" program. Moreover, here is the video demonstration of the same.
FREE role-guided training plans
In this Series
- Integrate WHONIX with Kali Linux to achieve anonymity
- Free Valentine's Day cybersecurity cards: Keep your love secure!
- How to design effective cybersecurity policies
- What is attack surface management and how it makes the enterprise more secure
- Is a cybersecurity boot camp worth it?
- The aftermath: An analysis of recent security breaches
- Understanding cybersecurity breaches: Types, common causes and potential risks
- Breaking the Silo: Integrating Email Security with XDR
- What is Security Service Edge (SSE)?
- Cybersecurity in Biden’s era
- Password security: Using Active Directory password policy
- Inside a DDoS attack against a bank: What happened and how it was stopped
- Inside Capital One’s game-changing breach: What happened and key lessons
- A DevSecOps process for ransomware prevention
- What is Digital Risk Protection (DRP)?
- How to choose and harden your VPN: Best practices from NSA & CISA
- Will immersive technology evolve or solve cybercrime?
- Twitch and YouTube abuse: How to stop online harassment
- Can your personality indicate how you’ll react to a cyberthreat?
- The 5 biggest cryptocurrency heists of all time
- Pay GDPR? No thanks, we’d rather pay cybercriminals
- Customer data protection: A comprehensive cybersecurity guide for companies
- Online certification opportunities: 4 vendors who offer online certification exams [updated 2021]
- FLoC delayed: what does this mean for security and privacy?
- Stolen company credentials used within hours, study says
- Don’t use CAPTCHA? Here are 9 CAPTCHA alternatives
- 10 ways to build a cybersecurity team that sticks
- Verizon DBIR 2021 summary: 7 things you should know
- 2021 cybersecurity executive order: Everything you need to know
- Kali Linux: Top 5 tools for stress testing
- Android security: 7 tips and tricks to secure you and your workforce [updated 2021]
- Mobile emulator farms: What are they and how they work
- 3 tracking technologies and their impact on privacy
- In-game currency & money laundering schemes: Fortnite, World of Warcraft & more
- Quantitative risk analysis [updated 2021]
- Understanding DNS sinkholes - A weapon against malware [updated 2021]
- Python for network penetration testing: An overview
- Python for exploit development: Common vulnerabilities and exploits
- Python for exploit development: All about buffer overflows
- Python language basics: understanding exception handling
- Python for pentesting: Programming, exploits and attacks
- Increasing security by hardening the CI/CD build infrastructure
- Pros and cons of public vs internal container image repositories
- CI/CD container security considerations
- Vulnerability scanning inside and outside the container
- How Docker primitives secure container environments
- Top 4 Zapier security risks
- Common container misconfigurations and how to prevent them
- Building container images using Dockerfile best practices
- Securing containers using Docker isolation
- Introduction to container security
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
General security
Free Valentine's Day cybersecurity cards: Keep your love secure!
General security
General security