Page 1 of 1
NAT or Bridge which is more secure ?
Posted: 20. Nov 2010, 16:02
by jakes9x
Also;
Which of these will give me a different ip address NAT , Bridge Networking or Host only networking ?
I am using windows xp pro on both guest and the host.
Re: NAT or Bridge which is more secure ?
Posted: 20. Nov 2010, 16:38
by Sasquatch
And you goal being?
Re: NAT or Bridge which is more secure ?
Posted: 21. Nov 2010, 16:06
by jakes9x
i use virtualbox for testing purposes.
I am asking this in gernal which is more secure NAT or Bridge
Re: NAT or Bridge which is more secure ?
Posted: 21. Nov 2010, 16:24
by Sasquatch
It's still a matter of what situation you're going to create. If you just read chapter 6 of the
User Manual, you may answer it yourself.
Re: NAT or Bridge which is more secure ?
Posted: 26. Nov 2010, 04:24
by HubTou
Hello,
In a server context:
With brigded networking, all the TCP/UDP ports inside your VM are visible to the outside world, with NAT/PAT you have to declare them explicitely, which would be more secure (but could also be done with a firewall in the host or elsewhere).
In a client context:
It's not mandatory to declare a network card or connect the virtual network cable in the VM. After that you can select host only networking if you only intend to communicate with the host. Then it's usually easier and cleaner to use bridged networking rather than NAT if you have a DHCP server in your LAN.
jakes9x wrote:Which of these will give me a different ip address NAT , Bridge Networking or Host only networking ?
In the VM, all of them. Viewed from the LAN, bridged networking. Viewed from the WAN, none of them.
jakes9x wrote:I am using windows xp pro on both guest and the host.
<joke>Then abandon all hope of being secure!</joke>
Best regards,
Hubert
Re: NAT or Bridge which is more secure ?
Posted: 26. Nov 2010, 18:26
by prsym
the nat will share your host ip with your gues os, bridge will make your guest act like a completely separate machine. so you need to conifugure to request for an ip from your router or use a static ip. I have not been able to make host only to work the way I want it so I dont know.
In terms of crackers getting in from the network.
i would think that nat would be the most secure especially if you dont forward any guest ports, which means crackers will not be able to use your guest os or the vm as exploit point to your host. but I dont know vbox well enough to say
Re: NAT or Bridge which is more secure ?
Posted: 26. Nov 2010, 20:54
by HubTou
Hello,
prsym wrote:In terms of crackers getting in from the network.
i would think that nat would be the most secure especially if you dont forward any guest ports, which means crackers will not be able to use your guest os or the vm as exploit point to your host. but I dont know vbox well enough to say
Even if you don't share any port in your guest, if you surf on a malicious web site or poll an email server and get some malware as a result, your guest could be compromised and could start contaminating your local network through the network. VirtualBox is not different from a physical computer in this case.
Best regards,
Hubert