24

I have a requirement for which I have to get online without protection (firewall, anti-virus). At the same time, I don't want to risk getting infected with viruses.

If I install a virtual machine (VirtualBox) to test, and it does get infected with viruses, will it also infect my host system? In other words, can I use the virtual machine for testing without being concerned about a virus on the virtual machine infecting my host?

2

8 Answers

17

If I install a virtual machine (VirtualBox) to test, and it does get infected with viruses, will it also infect my host system? In other words, can I use the virtual machine for testing without being concerned about a virus on the virtual machine infecting my host?

There seem to be some misconceptions about NAT and bridge connections in VM environments. These do not allow your host to be infected. A VM operating system will have no access whatsoever to the host operating system and will be completely unaware it is operating as a Client Virtual Machine. Software running inside that operating system will be even less wise about it.

It is through direct relationships between the client and the host machine that there may exist a chance of getting infected. This happens if you allow the client and the host to share folders. The largest chunk of VMware (to name one popular product) vulnerabilities of note ever found have been directly or indirectly tagged to this feature. A complete isolation is achieved by turning off shared folders. Any other vulnerability has been discovered on the Host side when vulnerabilities on the VM engine itself would allow a potential attacker to hook up through the host machine and gain access to any clients, or run code of their own.

Security issues may indeed be more involving if one is running a large VM structure such as those proposed through VMware Server topologies. But if running single-computer VMware Workstation solutions, there is no security issue under NAT or Bridge connections. You are safe as long as you don't use shared folders.

EDIT: To be clear, when I speak of NAT or Bridge connections I'm speaking only of the VM's ability to share the host network connection with its clients. This does not give the client any access to the host and it remains entirely isolated, provided functionality like VM Shared Folders is turned off. Naturally, if instead the user decides to network Host and Client, then said user explicitly decided to connect both machines, and with it waive intrinsic VM security. This then becomes no different from any other private network environment and the same security issues and concerns need to be addressed.

2
  • 8
    Well, if you have the connection bridged, then the guest is the same as any other computer on your network. If you get a network-enabled worm (Conficker, Blaster, etc) then you've just introduced a malicious piece of software to your actual network. To say that the way a VM connects to a network doesn't impact the risk is a little wrong. However, your point about host access from the VM is valid.
    – MDMarra
    Commented Sep 30, 2009 at 15:49
  • Keep in mind that there are a lot more ways something can break out of a VM than just through virtualized network adapters (e.g. breaking out of VMware with a virtual COM port device).
    Commented Jun 21, 2015 at 4:19
4

It depends.

If your virtual machine (guest) has no network access to your host, your host won't get affected by any virus in your guest operating system.

4

My 2 cents...

In a nutshell, malware that executes in the context of the guest OS will NOT be able to infect the host OS, and will likely not even be aware that there is a host OS (though, hypothetically, breaking out of the virtualized environment IS possible, it won't become very common for a while, I suspect).

Some exceptions:

  • In VirtualPC (for eg), it's possible to share a folder to the guest OS, which "sees" that folder as a drive letter.
  • Depending on your configuration, both the host and guest OS might be on the same network, meaning that a virus that exploits open ports or whatnot might be able to propagate by exploiting vulnerable system services or via network shares.
  • Last, and as it stands now, the least likely avenue, is that the virus might be VM-aware and capable of breaking out of the sandbox. Currently, this is extremely unlikely.
  • Overall, web surfing in the context of a VM is probably the safest way to surf, hands down (given the poor track record of AV s/w and other avenues of protection). In fact, using a separate, restricted account is probably sufficient, but a VM will certainly provide additional isolation.

    2

    No, if you don't set up any network connection (like NAT or Bridge) between host and guest OS. If you want to ensure total separation between the two worlds, please prefer "Bridge" connections and map one NIC to your Host PC and one other NIC to your VM-ed Guest.

    It would be like having two isolated networks sharing only the powering bus (your actual PC, indeed).

    VirtualBox, but also VMware or Xen or Parallels, can easily set up such an environment for you.

    7
    • I'm sorry, ZZambia. But your information is incorrect. I'd advise you to check it more thoroughly. There's no host security issue involving NAT and bridge connections under a VM environment.
      – A Dwarf
      Commented Sep 30, 2009 at 11:53
    • Not yet, there's not. It's a vulnerability, just waiting for somebody to figure out how to exploit it. Maybe. Better safe than sorry.
      – Phoshi
      Commented Sep 30, 2009 at 12:22
    • I think Zzambia uses the word "bridging" in two different contexts here. It seems to me the risk for bridging host and VM is not any different from another computer within the same network abusing vulnerabilities. (Or, maybe worse, when the networks are being bridged then the firewall that stops attacks from another computer, might not be configured to stop attacks from the VM?) Using "bridge connections" from NIC to host, and from another NIC to VM seems something different (but: might not be required?). (If I am missing the point then just say so and I'll delete this; no need to explain!)
      – Arjan
      Commented Sep 30, 2009 at 12:32
    • @Phoshi, a vulnerability is by definition something that has been identified. It's of very little relevance to discuss vulnerabilities that haven't been found yet or that cannot be found. Read further... @Arjan, Indeed. But a Bridge or NAT connection under a VM environment happens entirely between the host machine operating system and the VM host engine. The client machine runs independently of this Bridge and totally isolated from it. Zzambia's argument is comparable to saying that you can get infected because you are connected to the internet and I just downloaded an infected file.
      – A Dwarf
      Commented Sep 30, 2009 at 12:46
    • @Zzambia, you might want to edit your answer to explain to which part of the question the "No" applies. :-) Or, of course, if A Dwarf is right --and I guess (s)he is-- then simply delete your answer... (As a side note: in my earlier comment I thought you were referring to bridging the host OS and the VM OS, not the host OS and the VM Engine. So, I thought you were talking about an additional step, after getting the VM connected to the internet, to explicitly interconnect host OS and VM OS. I now understand that's a lack in my knowledge of terminology used with VMs.)
      – Arjan
      Commented Sep 30, 2009 at 13:07
    1

    Yes, if you have shared folders...

    Either shared folders through the VM, or standard networking.

    I am not sure, and have not seen any viruses in quite a while that spread like this and edit files over a network, but it is possible.

    Just because it is a VM does not mean it is safe, you just have to treat it like another physical machine on your network.

    So, if you have anti virus on your host machine (and others on your network) you are as safe as you are going to be, but again... treat any VM like any other physical machine.

    The only safe way to run a VM is to disable networking features (or VLAN separate it completely from your network... and not have any sort of management interface on that VLAN.) and disable all the host/guest integration that involve sharing files.

    1

    Technically it is 100% possible to be sure - even if the network is isolated and are not sharing folders.

    Although it is very unlikely unless the virus developer knew of a flaw in the combination of your host OS and your Guest VM and targeted it specifically. If you want to make a virus you want to make one that affects the largest number of computers possible and you won't find a flaw to exploit in some rare frequently used application.

    The same answer holds for a sandbox or any layer of interpretation between the two. I think if you could run a 32 bit guest OS and a 64 bit host you would be the most safe since the exploit to target the guest OS to overflow and then also trigger the overflow in the vm/sandbox would be even more challenging since you'd have to compile the payloads in 4 combinations - but then again this is what is typically done with an attacker and a single operating system layer - the payload is prepared for the OS or exploitable service version and one for each 32 and 64 then he just throws them both at the machine.

    It is exactly like the previous comment on BSD - the more uncommon your setup is the least likely a virus will target it.

    If we all ran VMs to test out software we were suspicious of or to browse the net, the fact it's in a VM wouldn't matter anymore and to be very clear again you are open to a virus infection.

    Also, there are special hardware considerations with the newer virtualization technologies and I'm primarily talking about software virtualization in which the guest machine code is being run by software in the host so that overflowing to the software instruction pointer seems to me to be extremely challenging and a waste of time. I'm not at all sure how this changes when we deal with a BIOS-enabled Hyper-V or Xen etc - it may be that the virtual machines are more isolated or it may also be worse due to a VM running its code in the actual hardware pipeline - it really depends on how the 'BIOS virtualization' works.

    1

    If in VirtualBox you have no shared folders or use any of the device features and if you want to be even more sure, look at the bottom of the VirtualBox window:

    In the picture, right at the bottom near the 2 computers icon, switch it to not connected.

    You should be able to run any viruses and not get one on the host machine, although to be sure, keep antivirus software running.
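The settings the answers above single out (shared folders, device features, a connected network adapter, a virtual COM port) can be checked from the host before a test VM is started. The script below is an added example, not part of any answer: it reads the key="value" text printed by `VBoxManage showvminfo "<vm>" --machinereadable` and lists every setting that links guest and host. The function name, the finding labels and the sample input are constructed for illustration, and key names can vary between VirtualBox versions.

```shell
#!/bin/sh
# Added example: flag VirtualBox guest settings that link guest and host.
# Input format: output of  VBoxManage showvminfo "<vm>" --machinereadable

# Constructed sample (not from a real VM), trimmed to the relevant keys.
SAMPLE_VMINFO='name="test-vm"
nic1="bridged"
cableconnected1="on"
nic2="none"
clipboard="bidirectional"
draganddrop="disabled"
usb="on"
uart1="0x03f8,4"
SharedFolderNameMachineMapping1="downloads"
SharedFolderPathMachineMapping1="/home/user/Downloads"'

# Reads key="value" lines on stdin and prints one finding per setting that
# weakens isolation. Exit status is 0 when nothing is flagged, 1 otherwise.
audit_vm_isolation() {
    awk '
    {
        eq = index($0, "="); if (eq == 0) next
        key = substr($0, 1, eq - 1)
        val = substr($0, eq + 1); gsub(/"/, "", val)
    }
    key ~ /^nic[0-9]+$/ && val != "none"  { nic[substr(key, 4)] = val }
    key ~ /^cableconnected[0-9]+$/        { cable[substr(key, 15)] = val }
    key ~ /^SharedFolderNameMachineMapping[0-9]+$/ { print "SHARED_FOLDER " val; bad = 1 }
    key == "clipboard"   && val != "disabled" { print "CLIPBOARD " val; bad = 1 }
    key == "draganddrop" && val != "disabled" { print "DRAG_AND_DROP " val; bad = 1 }
    key == "usb"         && val == "on"       { print "USB_CONTROLLER on"; bad = 1 }
    key ~ /^uart[0-9]+$/ && val != "off"      { print "SERIAL_PORT " key; bad = 1 }
    END {
        # An adapter only counts when its virtual cable is plugged in.
        for (n in nic) if (cable[n] != "off") {
            print "NETWORK nic" n " " nic[n]; bad = 1
        }
        exit bad + 0
    }'
}

# Stand-alone run against the constructed sample.
printf '%s\n' "$SAMPLE_VMINFO" | audit_vm_isolation || true
```

On a real host, pipe the `VBoxManage showvminfo` output for the VM into `audit_vm_isolation` and treat a non-zero exit status as a reason not to start the guest yet.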

    1

    You should try Sandboxie (or any other sandboxing tool)


    It will isolate your browser and delete everything after you're done. That way, even if you get a virus, it won't be able to leave the sandbox.

    Benefits of the Isolated Sandbox

    • Secure Web Browsing: Running your Web browser under the protection of Sandboxie means that all malicious software downloaded by the browser is trapped in the sandbox and can be discarded trivially.
    • Enhanced Privacy: Browsing history, cookies, and cached temporary files collected while Web browsing stay in the sandbox and don't leak into Windows.
    • Secure E-mail: Viruses and other malicious software that might be hiding in your email can't break out of the sandbox and can't infect your real system.
    • Windows Stays Lean: Prevent wear-and-tear in Windows by installing software into an isolated sandbox.
    5
    • 1
      the question was about "can a virus get out of this special sandbox" ... -1
      – akira
      Commented Sep 30, 2009 at 11:49
    • Uhhh I believe the benefits say: malicious software is trapped in the sandbox. If it didn't what would be the point?
      – Ivo Flipse
      Commented Sep 30, 2009 at 13:11
    • 1
      Plus no need to have an entire OS running if you only want to sandbox your browser, now is there?
      – Ivo Flipse
      Commented Sep 30, 2009 at 13:12
    • 2
      but you didn't answer the question, it's just like saying "use bsd, then you don't have any viruses". the question was not "offer me sandboxing products" (vms as very big sandboxes), but "can a virus break out of a sandbox/virtual machine". and it's definitely much easier to break out of such a sandboxing program (think of special prepared pictures) than of a full virtual machine.
      – akira
      Commented Sep 30, 2009 at 13:36
    • Point taken, you're probably right about the risk
      – Ivo Flipse
      Commented Sep 30, 2009 at 15:14
