There may be times when you need to do certain tasks over the web and be assured that no one can discover the address you're using. For instance, you might need to transmit business information, transfer files, or more securely connect to your company network when overseas. If your task requires an anonymity that standard platforms cannot offer, Whonix may be the solution for you.
Whonix uses the Tor anonymity network to help protect privacy. Tor accomplishes this by bouncing communications around a distributed network of relays run by volunteers around the world. The Tor anonymity network prevents somebody watching your Internet connection from learning what sites you visit and your IP address; it also prevents the sites you visit from learning your physical location. By using Tor, Whonix prevents traffic analysis Internet surveillance.
Features
- Tor browser included
- Support for messengers like Pidgin with the Jabber protocol and the OTR plugin.
- Privacy friendly email client: Mozilla Thunderbird with TorBirdy
- scp for secure data transfer from and to a server.
- Unobserved administration of servers via SSH
- Web servers: Apache, ngnix, IRC servers, etc. via Hidden Services
Installing Whonix
This installation requires the use of VirtualBox. For this tutorial, I will assume you either have VirtualBox installed or know how to install this software. Because VirtualBox can be run on multiple platforms, you are not limited to what you can host this Debian-based platform on.
The first step is to download two virtual machine files: Whonix-Workstation.ova and Whonix-Gateway.ova. After you download those files, open VirtualBox and prepare to import the virtual appliances. Follow these steps for both of the downloaded .ova files:
- Go to File | Import Appliance.
- In the first window of the Appliance Import Wizard, click Choose.
- Click Next.
- Click Import in the final window (Figure A).
Do not make changes to each entry.
After both virtual appliances are imported, go back to the VirtualBox main window (Figure B), select the Whonix-Gateway, and click Start. After that virtual machine boots, go back to the VirtualBox main window, select the Whonix-Workstation, and click Start. Figure B
Start the Whonix-Gateway first and then the Whonix-Workstation.
You will be prompted for a login. The default credentials are:
- username: user
- password: changeme
Once you're logged in, you should be able to start using Whonix.
I ran a very simple test with Whonix. I opened the Tor browser and went to the What Is My IP Address site to see what IP address was returned. The IP address provided by the site was not the IP associated with my network. Mission accomplished.
If you get a PAE error during startup (causing neither to start), here's how to resolve it:
- From the VirtualBox main window, right-click Whonix-Gateway and select Settings.
- In the Settings window, click Processor and enable PAE/NX.
- Click OK.
Repeat these steps for Whonix-Workstation and start both.
Once they're up and running, you should change the user and root password on both the Whonix-Workstation and the Whonix-Gateway.
- Go to the Whonix-Gateway terminal (Figure C).
- Log in with the default credentials.
- Issue the command sudo su to log in as the root user.
- Issue the command passwd.
- Enter a new password.
- Confirm the new password.
- Issue the command passwd user.
- Enter a new password.
- Confirm the new password.
The Whonix-Gateway looks like a standard Linux terminal.
You should check for security updates with the command sudo apt-get update && sudo apt-get dist-upgrade. Because Whonix is running on the Tor network, this command will take more time than you might expect.
Once Whonix is up and running, you should test the various tools it offers. Employing this platform could make for a nice, pseudo-portable security layer for your business. It might take a bit of work to get Whonix exactly how you need it, but the operating system is a nice solution if you're looking for a cheap layer of anonymity.
About Jack Wallen
Jack Wallen is an award-winning writer for Techrepublic and Linux.com. As an avid promoter/user of the Linux OS, Jack tries to convert as many users to open source as possible. His current favorite flavor of Linux is Bodhi Linux (a melding of Ubuntu ...
Full Bio
Jack Wallen is an award-winning writer for Techrepublic and Linux.com. As an avid promoter/user of the Linux OS, Jack tries to convert as many users to open source as possible. His current favorite flavor of Linux is Bodhi Linux (a melding of Ubuntu and Enlightenment). When Jack isn't writing about Linux he is hard at work on his other writing career -- writing about zombies, various killers, super heroes, and just about everything else he can manipulate between the folds of reality. You can find Jack's books on Amazon, Barnes & Noble, and Smashwords. Outnumbered in his house one male to two females and three humans to six felines, Jack maintains his sanity by riding his mountain bike and working on his next books. For more news about Jack Wallen, visit his website Get Jack'd.
