Hello guys,
I’m a freshman here and I cannot wait to hack my first box! Before I start, I want to make sure I take the necessary steps to secure myself from other lab users. Rule #6 in the rules section states:
“We strongly recommend not to use your production PC to connect to the HTB Network. Build a VM or physical system just for this purpose. HTB Network is filled with security enthusiasts that have the skills and toolsets to hack systems and no matter how hard we try to secure you, we are likely to fail We do not hold any responsibility for any damage, theft or loss of personal data although in such event, we will cooperate fully with the authorities.”
I don’t see how I can secure myself effectively using a VM or physical machine with no production data. Right now I’m using a kali VM hosted on my production PC. The production PC is connected to a router and the router is connected to the internet. If an attacker manages to get remote access to that kali VM he will have a machine in the same network as my production PC, right? In VMware workstation I can choose between different network adapter options but from my understanding, an attacker will always share a network with the host PC assuming he has access to the VM. If this happens to be the case, I don’t grasp how this setup is more secure than connecting with the production PC itself to the labs. Am I missing something here? Any tips and/or resources are greatly appreciated.