Closed choiwj1216 closed 7 years ago
host or nat mode ? firewall?
firewall is turned off as the instruction shows.
host(ubuntu) has internet connection, but guest can't even ping 8.8.8.8 anymore.
check iptables
iptables on your host where cuckoo installed, as you should apply iptables to enable internet
You were right! I applied it again, and it worked. I did not even think about iptables in host because already added that in when was installing. I don't understand why it got deleted...
i suggest you use iptables-save to save/restore it automatically, probably reboot or someone else just did -F?
i glad what the issue is solved :)
Thanks for your help!! I really appreciate it!
@doomedraven one more question about having guest os connected to internet. Since the guest does not have any protection with firewall turned off, but analyzing malicious urls from time to time, would that make the host or any other servers in same network dangerous from malware?
you don't need to reopen it, we still getting your comment even if that closed
well there are a lot of stuff to have in mind, if i/or an employee upload some sample to sandbox and that has reverse shell I will have full access there, then it depends if no nat activated there no possibility to scan, but there can be possibility to vm escape if you don't have patched hypervisor or that is 0day, so there some risk to have in mind as always
@doomedraven I see! thank you very much!!
You are welcome :)
I was wondering if Win7 guest has to be connected with internet? If yes, how should this be configured?
It was actually connected to internet on the day I installed Cuckoo. Test ran with few malicious url, and got the results that were expected.
But today, which is 3 days after the installation, I found out that it does not have an internet connection when no change was made. So out of curiosity, ran the same url samples I ran on the first day, but got little bit different results.