On 5/24/19 8:30 PM, Jean-Francois Simon wrote:
> Hi,
>
> Out of interest, I'd like to let you know a specific use of OpenBSD with PF, in
> virtualbox, 2 virtual network card Bridged to physical NIC, and building up a
> subnet with NAT and hence running Packet Filter as the machine's firewall.
>
>
> That's the firewall I use under Win7, OpenBSD running in a VM, out of pure
> interest into running BSD and let it purify the network access to
> desktop (without need for additional hardware).
>
>
> Works well, love it.
I have done something similar in the past. My personal preference is hyper-v on
windows 10 pro which seven can be upgraded to. I would hope hyper-V has
inherited kernel sandboxing/mitigation protections and hardening from Windows
kernel/azure.
I assign the physical nick to the OpenBSD VM and remove all check boxes like
ipv4/ipv6 support from that nick. Then I had an VNAT device for windows to talk
to. Glasswire ontop gives a window into the why is it connecting there or
obfuscating CDNs https certs without the other free windows firewall cruft.
I assume communications to the windows box could be made from a foreign network
via arp manipulation but a nice setup none the less, if you can be bothered with it.
No comments:
Post a Comment