virtualbox.org

Hello,

Env: Windows XP Host and Fedora 11 Guest.

As "administrator" user I installed VBox in a Windows XP host and created a
VM based on Fedora Core 11, which I exported.

As an ordinary user in WinX, I started VBox, imported the FC11
appliance that I previously exported and used it. Everything worked
well.

I need have XP ordinary users using FC11 as root, so
XP ordinary users have root access to the FC11 VM.

However, I do need keep XP ordinary users without network access while
they are running VBox' VMs.

Hence, how can I disable network support from VBox for XP ordinary users
in order to prevent them from accessing network while running VBox' VM ?

Thank you in advance.

Disable the Host networking? Normal, non-admin, users can't enable network interfaces in Windows. You could install a firewall and block all network access for VB and protect the config with a password, that's another solution.

Just to clarify:

I have WindowsXP as host OS.

I have a FC11 as Guest OS (VM running under VBox under XP).

I want disable networking from guest OS and not Host OS.

I do not want the root user in my Guest (FC11) OS able to connect to any network. To me, it would be great if I could remove any network subsystem from VBox for that deployment.

Any idea ?

As I already told you, a firewall is another possibility. That will prevent the use of NAT. Disabling or installing VB without bridged mode will avoid that use too. Now the only thing the users have left, is Host-Only (which will access only the host at most, nothing outside) and Internal Networking (which is used for network connections between VMs).

Dear Sasquatch,

Well, I did not figure out how could I use Firewall in XP to prevent it. In fact, I tried to add VBox in the exception list of XP Firewall and instructed it to allow VBox just to connect to a specific (fake) network. It does not work.

Do you have some other idea using Firewall to prevent VBox of connecting to the local network ?

"Disabling or installing VB without bridged mode will avoid that use too."

Well, I believe I did a non-bridge installation. Anyway, could you let me know how to install it w/o bridge or even how to disable it after installed as you suggested ?

Thanks in advance.

Disabling bridged methods can be done in the properties of the NIC. There you will find the VB Network Filter driver. Uncheck it and you won't be able to use bridged for that NIC.

As for the firewall, check the VirtualBox FAQ for a few that are known to give issues, which is what you want . Any third party firewall should be able to stop VB from accessing the network. The default firewall in XP is pretty useless, it doesn't block anything you want to block, and allows things you don't want to.

Dear Sasquatch,

"Disabling bridged methods can be done in the properties of the NIC. There you will find the VB Network Filter driver. Uncheck it and you won't be able to use bridged for that NIC."
Following your suggestion firstly I disable it and it did not change the current behavior of guest OS in terms of networking. Then, I uninstalled it and had no success. After that, guest os still connecting to the networking as before. I reboot the XP just to be sure the uninstalled driver would not be loaded and it did not change anything.

Interesting that now I have no VBox Network Driver installed, at least it is not showing any entry at NIC property list as previously and the guest os still connecting to the network.

How could it be doing networking without Vbox network driver ?

Thanks !

You can't disable the full VB network unless you grab the source and modify it to not include any network sections. As I stated before, it can't be done, you can only use a few tools to prevent the VM from going to the outside. The Host and other VMs will still be accessible. The only thing you removed is the Bridged Networking feature, which allows you to make the VM act like a system on the physical network as if it's a stand-alone machine.