How to disable all network connections in Java

Question

Is there a way to run Java VM (java.exe) on Windows Server 2008 and disable all network connections using a command line argument or a system variable?

Answer 1

You can do this by enabling default Java security manager. By default no security is enforced so you are allowed to do anything, but if security manager is enabled it will restrict network access, file access and lots of other things unless you specify otherwise in the security policy file.

To enable the default security manager pass this argument to JVM on start.

java -Djava.security.manager=default my.main.Class

By doing this any network access attempt from inside JVM will throw java.net.NetPermission.

This will also break things like file access, so if you need to allow it you will need to specify those in a special security policy file (-Djava.security.policy=path/to/policy.file). There should be plenty of examples of how to set it up, just search for "java permissions" to get you started.