
Q: Does anyone know how to disable regular internet access in Windows except through a virtual machine (VMware or VirtualBox)?

I have set up my mom to use a live Debian CD through VMware, but I would also like to disable networking through Windows Edge and Explorer. I don't know how to do this, however.

Myself, I follow a similar scheme but using a Linux virtual guest and host. Is it easy to disable all networking except for apt/yum and VMware/KVM?

Lastly, does anyone know what it costs for a personal subscription to grsecurity?


My first thought would be to clear the routing table on Windows (maybe using a batch script on startup?) and using bridged networking in the VM.

That would totally disable internet access on Windows though, including updates (but you also wouldn't have that attack surface!)


Thanks. Had a brief look, seems useful.

Does the VM using the "NAT" mode of networking also use Windows' routing table? I don't know much about the networking between guest and host, except that the guest uses NetworkManager through its ethernet device. Even though this is a virtual device, I didn't think it would go through Windows' own net stack.

Would the bridged networking be any different than passing through the USB wifi adapter directly to VMware? (at which point the host doesn't have access to internet)


As far as I understand it, with bridged networking you're basically sharing the network device -- your VM has its own stack down to the MAC address. So as long as your network device is still online (in the sense of being enabled in Windows and having a cable attached), packets for a particular MAC will travel to the right network stack.

This is probably useful from the VirtualBox manual:

> With bridged networking, VirtualBox uses a device driver on your host system that filters data from your physical network adapter. This driver is therefore called a "net filter" driver. This allows VirtualBox to intercept data from the physical network and inject data into it, effectively creating a new network interface in software...

I'd try it, it wouldn't be hard to reverse.


This site [1] discusses pretty much what you are asking (all networking going through a VirtualBox pfSense). However, it's written for Windows 7; not sure if this still works for 8-10.

http://timita.org/wordpress/2011/07/29/protect-your-windows-...

I would think if you set up the VM to deny everything coming from Windows, and allow anything coming from the other Linux VM, it should work fine (just set up multiple NICs in the pfSense VM and have the Linux VM go in through a different NIC than the host Windows).

I personally do something similar with Linux on Linux, where I have the host Linux be allowed to only reach my internal network and the Debian mirrors directly, and anything else is done through VMs.
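As an added example (not from the thread or any commenter), an nftables ruleset for the Linux-on-Linux arrangement just described: the host itself may only reach its LAN and a set of Debian mirror addresses, while guests attached to a bridge keep full connectivity. The interface names, the 192.168.1.0/24 LAN, the 192.168.1.1 resolver and the mirror addresses are assumptions to adjust.

```nft
#!/usr/sbin/nft -f
# Added example, not from the thread. Assumed layout: uplink eth0, VMs attached
# to bridge br0, LAN 192.168.1.0/24, LAN resolver 192.168.1.1.
flush ruleset

table inet host_egress {
    set debian_mirrors {
        type ipv4_addr
        # constructed placeholders: replace with the addresses your mirror
        # resolves to (e.g. getent ahosts deb.debian.org)
        elements = { 192.0.2.10, 192.0.2.11 }
    }

    chain input {
        type filter hook input priority 0; policy drop;
        iif "lo" accept
        ct state established,related accept
        ct state invalid drop
        # LAN hosts may reach services on the host (ssh, etc.)
        ip saddr 192.168.1.0/24 accept
    }

    chain forward {
        type filter hook forward priority 0; policy drop;
        # bridged guest traffic is only seen here if br_netfilter is loaded;
        # pass it untouched so the guests keep unrestricted connectivity
        iifname "br0" accept
        oifname "br0" accept
    }

    chain output {
        type filter hook output priority 0; policy drop;
        oif "lo" accept
        ct state established,related accept
        # DNS only via the LAN resolver, so apt can resolve the mirror name
        ip daddr 192.168.1.1 udp dport 53 accept
        ip daddr 192.168.1.1 tcp dport 53 accept
        # the internal network is reachable directly
        ip daddr 192.168.1.0/24 accept
        # apt: http/https to the mirror set only
        ip daddr @debian_mirrors tcp dport { 80, 443 } accept
        # log anything else trying to leave the host (rate limited),
        # then the chain policy drops it
        limit rate 10/minute log prefix "host-egress-drop: "
    }
}
```

As written the inet table drops all IPv6, so add icmpv6 and any v6 LAN rules if the host uses it. Load it with `nft -f` from a console session you keep open until you have confirmed that apt and the guests still work.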


Hello. Thanks for this. This is very close to what I was looking for. Security is a long journey, but it seems we can't avoid the task any more.

Hopefully we will find a way to be connected but not vulnerable to all these threats.


https://www.linkedin.com/pulse/penetration-testers-guide-win...

The above link seems pretty good for locking down Windows if anyone is looking.

