Block internet access except for a Virtual Machine and Windows Update

windows networking virtual-machine
5,743

Solution 1

For VMWare you can disable IPv4 and IPv6 under the adapter settings this will disable the network on the host but still allow it to be accessed by the VM if it is set to Bridged. You can re-check IPv4 to temporarily enable the internet to allow updates if you are having an issue an update fixes.

Why not just use Ubuntu as the main OS? If you need Windows you should consider running the browser in Sandboxie and/or using something like Rollback rx because a VM will be cumbersome.

Solution 2

There are a few different things that you can do. To distinguish between windows and the virtual machine you can give each system a different static IP address, and then the firewall can assign rules to each of those IP address. You could for example assign Windows 192.168.1.50 and Ubuntu 192.168.5.50. In any case, I wouldn't imagine that you could use the same IP address in both as it would cause problems.

Additionally you can combine IP address information with OS packet fingerprinting. Originally this was done only with pf on the BSD platforms, but it looks like there is support for iptables today.

Furthermore to generate rules for only the Windows Update systems it is possible to use a firewall creation script called mason. It generates firewall rules based on traffic. Although, I suspect that there are many servers involved here and as a result it may be best to just enable all outgoing traffic destined to microsoft.com, unless you have the drive to find all of them.

Share:
5,743

Related videos on Youtube

Casebash
Author by

Casebash

Updated on September 18, 2022

Comments

  • Casebash
    Casebash over 1 year

    My brother has a laptop (using Windows 7) that he really wants to keep secure. Originally, he was not going to connect it to the Internet, but I suggested that I could probably set up a Ubuntu virtual machine for him so that he could still browse the Internet and have the files on the host machine protected. I am planning to use either Virtual Box or VMWare for the virtual machine. Is there anyway that I can restrict internet connections so that traffic is only to either Windows Update or the Virtual Machine?

  • Casebash
    Casebash about 13 years
    This actually works surprisingly well due to VMWare Unity. You can create a shortcut on the desktop and you can have a running program integrate in with your Windows tasks

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Connect Windows virtual machine to my local network
Windows 8.1- Hyper-V won't network with Ubuntu 14.04 VM
Accessing VMware Player across the network
Different ARP results between host and virtual machine
Cannot create external switch on Hyper-V
Ubuntu 12.04 VM on Windows 8 Hyper-V - No Network Connectivity
Bridged networking not working in Virtualbox under Windows 10
How to get network adapter index?
Map network drive: "net.exe USE" vs WshNetwork.MapNetworkDrive?
Not able to telnet / ping server installed on virtual machine