Question: many tutorials for setting up a virtual pentest lab recommend using host-only adapters to isolate the VMs. Why don't they recommend using the "Internal" or "LAN Segment" adapters instead that block access to the host entirely? Seems like a more secure option.
@rb it limits the number of other people that can pentest. Also, you assume there's a properly configured host firewall in place.
@phoneboy if the virtual lab is for me only, does it make a difference or is there still a good reason to use host-only vs Internal? In terms of the firewall being set up properly, is that in a scenario of "host-only" or "Internal" adapters? I'm assuming you're meaning "host-only" since there's host access. Thanks for your reply.

@rb it's good to use host-only for best practices, even just for your own learning. The firewall would definitely be needed for internal adapters connected to a local network.

Note that you can filter traffic to host-only interfaces but since you need to be on the host to initiate traffic anyway, it doesn't make much sense to.

@phoneboy thanks. What exactly is the best practice that's being reinforced?
@rb if you're creating a service intended to be accessed only on the same host, why set it up to run on an interface with network access?
@phoneboy these are the times I miss phones. 😉 That way I'd jump on a call because I think we're getting signals crossed.
@rb sometimes you need to pick up the phone. You can only do so much typing words into a screen.
@rb Isolation of traffic from other VMs on the same hypervisor
@munin wouldn't defining the adapter types as internal or LAN segment have the same effect?
@rb Might accidentally link two VMs on same segment?