My network is somewhat simple: all PCs in my LAN (Ubuntu desktop, Win7 desktop, XP netbook) connected to a dlink home router, which is connected to ISP's cable modem. LAN has IP subnet 10.10.10.0/24, gateway (the dlink router) is 10.10.10.1, the PCs are 10.10.10.100-120, via DHCP. The PCs share folders among themselves (basic right-click -> share, this is samba, right?). So far, so good.
Now the Ubuntu desktop has VirtualBox. I was planning on installing sandboxed VMs to test malware (and monitor the way they "call home"). So I installed an Ubuntu VM, network set to NAT mode (the default mode, subnet 10.0.2.0/24 I guess).
So I open up Nautilus in the VM, go to "network", and to my surprise… the VM is able to see all the shared folder in the host's LAN!!!
How? Isn't "Shared Folders" something that works on the LAN only? How come a VM that lives in another subnet can access, say, a shared folder in the Win7 machine? They are not in the same LAN! (that would be Virtualbox's "Bridged" mode, correct?). And no, I do not mean VirtualBox's "Share Folder" feature (that maps a host drive as a network share to the guest), I'm not using it.
So, I clearly lack some fundamental knowledge of how shared folders and NAT works.I assumed NAT would isolate the VM from my LAN while still being able to browse the internet. I am very surprised it was able to see my LAN's workgroups even being in a different subnet.
So, question is: How is that possible? How this relation between VirtualBox, Shared Folders and NAT works? And how to setup the VM so it can't see the guest's LAN but is still able to browse the internet?
Best Answer
Chapter 6. Virtual networking:
Networking in VirtualBox (Oracle Blogs):
Like on a physical host, NAT impedes remote connections, but allows outgoing connections. I don't think there's a networking mode that can distinguish your LAN from the rest of Internet.