true isolation of XP host and guests?
Posted: 29. Sep 2012, 15:41
I know this has been talked about before, but I am uncertain of the settings required to isolate, as much as possible, my XP host from the various guests I use. I recently installed an additional NIC, as I read about here, and I have configured the properties of both cards in the following ways under the Network Connections of WinXP:
1) First of all, there are 3 LAN/ high speed internet connections shown: local area connection (LAC) #2, LAC #5, and VirtualBox Host- Only Network.
2) Right now, I am on the guest system. Both LAC 2&5 say "network cable unplugged" and "firewalled" while the Virtualbox host shows "connected" and "firewalled". I originally set up network connection properties in XP so that LAC #2 has "Client for Microsoft Networks", "QoS Packet Scheduler" and "Internet Protocol TCP/IP" enabled with the "Internet Connection Sharing" box unchecked; LAC #5 has "Client for Microsoft Networks", and "Internet Protocol TCP/IP" DISabled with the "Internet Connection Sharing" box unchecked and also has "Virtual Box Bridged Networking Driver" checked (this driver was UNchecked in LAC#2), and "QoS Packet Scheduler" remains the same (enabled). Finally, for the VirtualBox Host- Only Network, the connection properties are that ALL boxes are checked (Client, TCP/IP, QoS, and Virtualbox driver), but Internet Sharing remains unchecked. I have all VM's in Virtualbox set up in the "bridged adapter" configuration to card #2 with promiscuous mode "deny" and "cable connected" checked.
Performance: When connected as above and running a guest, the guest seems to be the only system that can access the Internet. When I remove the cable and plug into the other card, the opposite occurs- hosts accesses the net and the guest does not.
Of course, I *appear* to be achieving the desired results, but I wanted to post settings here for confirmation. Also, is the guest truly isolated from the host when accessing the net this way, or is there still a path?
Sorry to post the detailed settings, but I see very little of this in past posts so hoping to help others lacking settings information.
Thanks in advance for both your confirmation and help.
Josephine
1) First of all, there are 3 LAN/ high speed internet connections shown: local area connection (LAC) #2, LAC #5, and VirtualBox Host- Only Network.
2) Right now, I am on the guest system. Both LAC 2&5 say "network cable unplugged" and "firewalled" while the Virtualbox host shows "connected" and "firewalled". I originally set up network connection properties in XP so that LAC #2 has "Client for Microsoft Networks", "QoS Packet Scheduler" and "Internet Protocol TCP/IP" enabled with the "Internet Connection Sharing" box unchecked; LAC #5 has "Client for Microsoft Networks", and "Internet Protocol TCP/IP" DISabled with the "Internet Connection Sharing" box unchecked and also has "Virtual Box Bridged Networking Driver" checked (this driver was UNchecked in LAC#2), and "QoS Packet Scheduler" remains the same (enabled). Finally, for the VirtualBox Host- Only Network, the connection properties are that ALL boxes are checked (Client, TCP/IP, QoS, and Virtualbox driver), but Internet Sharing remains unchecked. I have all VM's in Virtualbox set up in the "bridged adapter" configuration to card #2 with promiscuous mode "deny" and "cable connected" checked.
Performance: When connected as above and running a guest, the guest seems to be the only system that can access the Internet. When I remove the cable and plug into the other card, the opposite occurs- hosts accesses the net and the guest does not.
Of course, I *appear* to be achieving the desired results, but I wanted to post settings here for confirmation. Also, is the guest truly isolated from the host when accessing the net this way, or is there still a path?
Sorry to post the detailed settings, but I see very little of this in past posts so hoping to help others lacking settings information.
Thanks in advance for both your confirmation and help.
Josephine