close

Privacy guaranteed - Your email is not shared with anyone.

Welcome to Glock Talk

Why should YOU join our Glock forum?

  • Converse with other Glock Enthusiasts
  • Learn about the latest hunting products
  • Becoming a member is FREE and EASY

If you consider yourself a beginner or an avid shooter, the Glock Talk community is your place to discuss self defense, concealed carry, reloading, target shooting, and all things Glock.

Windows 7 with XP mode networking question

Discussion in 'Tech Talk' started by srhoades, Sep 21, 2011.

  1. srhoades

    srhoades

    2,800
    10
    Jul 14, 2000
    I have a client that insists on separating the internet from their work network, and not for any good reason other than they are paranoid. Currently they have two networks and two computers. They are getting new computers and I was wondering if I could give the Windows 7 host a static IP and leave the gateway blank while sill allowing the XP machine to obatin or assign an IP to get on the internet. I'm assuming that if the XP virtual adapter uses NAT that it probably won't work, but I wasn't sure if XP mode support direct access to the adapter.
     
  2. kc8ykd

    kc8ykd

    2,090
    0
    Oct 6, 2005
    michigan
    you can do that, at least using ms's virtual pc. you can have the client use the host's nic directly, or via nat.

    i don't have virtual xp installed, but i'm guessing it should react the same.

    just leave the gateway addr out of the host and let the xp client use dhcp to get it's address.

    i would keep the host machines on a different subnet than that for the xp machines.

    so, the hosts would use 192.168.1.0/24 and the xp machines would use 192.168.2.0/24, for simplicity sake (the internet router's internal interface should be on the .2.0/24 network). this is just an example as far as the ip's themselves, just to show the "separation" between the networks.

    the hosts will be able to communicate with each other without problem as long as they are on the same subnet.


    if their really paranoid, you might propose installing a second nic on the machines just for the internal network and vlanning their switch to keep the actual traffic separate. although, having the machine's bridge the two networks isn't ideal but it might ease their minds a little.
     


  3. kc8ykd

    kc8ykd

    2,090
    0
    Oct 6, 2005
    michigan
    no problem.

    with the second nic, you should be able to leave it unconfigured in the host system, and tell the virtual xp to only use the second nic, either scenario, configure the nic from within the virtual machine just like you were doing it like normal.
     
  4. Pierre!

    Pierre! NRA Life Member

    3,991
    162
    Jun 20, 2003
    Lovin Sparks Nv!
    I just got to ask...

    Why would a client WANT a documented LESS SECURE OS on the internet?

    And at double the cost? Or close to it anyway... even OEM copies of XP aren't free.

    They do want to run legally licensed software, right?

    Win7 is waaaay better on the internet these days. XP is now a 'has been' and hosts more rootkit infections... The numbers, if really correct, are pretty staggering.

    You may want to point this out... IF they are going to be paranoid, then help them out! Win7 host running Win7 VM's would be much better, and still costly, but the savings from not being infected all the time would justify it... and then there is the whole 'recover from an image or snapshot' scenario that the host system AND VM systems could employ.

    Certainly you can snapshot the XP systems too, but c'mon... you will still suffer unnecessary business interruptions.

    Hope that helps ya out.

    Patrick
     
  5. kc8ykd

    kc8ykd

    2,090
    0
    Oct 6, 2005
    michigan
    virtual xp is free for most versions of windows 7, and there's a kb patch that removes the hardware virtualization requirement.

    they should be able to run it as basically a sandbox, where at the end of the session, they can choose to write any changes to disk. so, if it gets mucked up, they simply discard any changes and next time it runs, it's like the last session never happened.

    keep it patched and run some decent a/v software and take all the normal precautions and it shouldn't have any problems.
     
  6. srhoades

    srhoades

    2,800
    10
    Jul 14, 2000
    Dell has Free upgrades to windows 7 professional on some system and configured with XP mode is $45. And as far as infections, they don't get infected now because *gasp* they only use the internet for business related junk. At one point they had their SonicWall configured with like 10 websites they were allowed to visit.
     
    Last edited: Sep 22, 2011
  7. tous

    tous GET A ROPE!

    30,888
    26,300
    Jan 7, 2001
    Plano, Texas, Republic of
    Do as your customer wishes without the comments or don't work for them.

    As mentioned, virtual networking with Virtual PC is quite flexible.
     
  8. kc8ykd

    kc8ykd

    2,090
    0
    Oct 6, 2005
    michigan
    i think it would be irresponsible to not look for vulnerabilities, waste, and inefficiencies, and not make recommendations as to how to mitigate them.

    the customer knows what they want, as far as the end result, but they may not know the best ways to achieve that goal while maintaining a prudent level of security. they also might not recognize other vectors of attack simply because they are not very familiar with the technologies involved.

    sitting down with a customer, or employer, and reviewing the plan is a good idea and opportunity to educate and mitigate threats while finding a cost effective solution to their problem. i've found that customers and employers respect that, and come away feeling as if you're looking out for them.

    it's imperative that one is knowledgeable about the subjects so as to be able to propose and implement the most efficient and secure solutions, which is what srhoades has done in this case.
     
    Last edited: Sep 22, 2011
  9. Pierre!

    Pierre! NRA Life Member

    3,991
    162
    Jun 20, 2003
    Lovin Sparks Nv!
    Very Well Put kc8ykd! We are responsible to assure 'Best Practices' are recognized and adhered to... or be sure you have a fat insurance policy! :cool:

    My favorite is when you deliver the solution to the issue, they say they want it their way, and then they call you back wanting to fix 'their way' ... and that is usually 'can you drop everything and be here NOW?" And it's usually on Saturday... :supergrin:
     
    Last edited: Sep 23, 2011
  10. srhoades

    srhoades

    2,800
    10
    Jul 14, 2000
    That's what kc8ykd's comment, not mine.
     
  11. Pierre!

    Pierre! NRA Life Member

    3,991
    162
    Jun 20, 2003
    Lovin Sparks Nv!
    :embarassed:

    HAHAHA... Reading - Be surprised what it will get you... a lost art, and fortunately I just *proved* it... :wow:

    Forgive me my *BOZO* Moment.

    {sigh}

    Patrick