Basic VM Network Configuration

Virtual machines need network access to be useful.

VirtualBox provides several networking modes, each with different use cases and security implications.

Changing Network Settings

  1. Power off your VM
  2. Right-click the VM and select "Settings"
  3. Go to the "Network" tab
  4. Select the adapter you want to configure
  5. Choose the network mode from the dropdown
  6. Click "OK" and start your VM

Best Practices

  1. Start with NAT for general use
  2. Only use Bridged when necessary
  3. Use Host-only or Internal for sensitive work

Network Modes

Quick Decision Table for CTFs / Red vs Blue

SituationBest ModeNotes
Downloading tools, updatesNATSafest option for general internet use
Hosting multi-VM labsNAT Network or Host-onlyChoose based on whether you need host access
Attacking/defending services on your real LANBridgedUse private networks; beware of public Wi-Fi
Fully isolated malware analysisHost-only or Internal NetworkBest for total isolation from the internet
Expecting reverse shells or incoming attacksBridged (preferred) or NAT with port forwardingBridged is simpler and more reliable

NAT (Network Address Translation)

  • What: Your VM shares your host's IP address
  • When to use: Default choice for most situations
  • Why:
    • Safest option for general use
    • VM can access the internet but can't be accessed from outside
    • Good for downloading tools and updates
    • Protects your VM from direct network attacks

NAT Network

  • What: Multiple VMs share the same private network
  • When to use: When you need multiple VMs to communicate
  • Why:
    • VMs can talk to each other
    • Still protected from external access
    • Useful for setting up test environments
    • Good for practicing network attacks between VMs

Bridged

  • What: VM gets its own IP on your local network
  • When to use: When you need direct network access
  • Why:
    • VM appears as a separate device on your network
    • Can be accessed by other devices on your network
    • Useful for testing network services
    • Required for some CTF challenges
  • Warning: Less secure - your VM is directly exposed to your network

Host-only

  • What: VMs can only communicate with the host
  • When to use: When you need complete isolation
  • Why:
    • Most secure option
    • No internet access
    • Good for testing malware
    • Useful for completely isolated environments

Internal Network

  • What: VMs can only communicate with each other
  • When to use: When you need multiple isolated VMs
  • Why:
    • Complete network isolation
    • VMs can't reach the host or internet
    • Perfect for practicing network attacks
    • Good for testing network tools