I like your suggestion! I am security paranoid to a fault. For me, a
system is either rock solid or wide open. obsd is the closest I've found
to rock solid, and frankly a VirtualBox VM running on Win7 feels wide
open. But the more I thought about your idea, the more I liked it. Win7
w/o the virtual firewall is more simply at risk, so why not?
Seeing as I am still new to OpenBSD, I would probably have 2 VMs: bsd1
passes everything incoming to bsd2 (the firewall), then bsd1 quietly logs
what goes out to check for nefarious-looking packets. That would take two
separate boxes to even start building, without VMs. The VMs can fight and
die and be replaced, and even a noob like myself can learn what works
better and harder.
Can't wait to set something up.
-Jim
On Fri, May 24, 2019 at 3:38 PM Jean-Francois Simon <jfsimon1981@gmail.com>
wrote:
> Hi,
>
> Out of interest, I'd like to let you know a specific use of OpenBSD with
> PF, in VirtualBox, 2 virtual network cards bridged to the physical NIC, and
> building up a subnet with NAT and hence running Packet Filter as the
> machine's firewall.
>
>
> That's the firewall I use under Win7, OpenBSD running in a VM, out of
> pure interest in running BSD and letting it purify the network access to the
> desktop (without need for additional hardware).
>
>
> Works well, love it.
>
>
> Jean-François
>
>