How to stop the guest OS from infecting the host OS?

Discussion in 'Virtualization' started by Windows user, Sep 10, 2014.

  1. Windows user

    Windows user MDL Senior Member

    Sep 11, 2012
    444
    101
    10
    #1 Windows user, Sep 10, 2014
    Does anyone know how to keep the Host OS protected from any Virus that is present in the Virtual Machine (Guest OS) ?

    I am using NAT network configuration in VMWare Player & I want to keep the Host OS safe from any viruses that might be present in the guest OS.
     
  2. Wishbringer

    Wishbringer MDL Junior Member

    Aug 21, 2009
    85
    26
    0
    #2 Wishbringer, Sep 10, 2014
    A VM is a Sandbox.
    Only connection is over LAN or when activated the shared folders.
     
  3. Windows user

    Windows user MDL Senior Member

    Sep 11, 2012
    444
    101
    10
    #3 Windows user, Sep 11, 2014 (OP)
    Yes,I am aware of that but, the question is...I am using NAT network configuration to connect the VM to the internet, does that mean any virus present in the VM will be able to transfer itself through the network to infect the host PC? :confused:
     
  4. EFA11

    EFA11 Avatar Guru

    Oct 7, 2010
    8,719
    6,741
    270
    #4 EFA11, Sep 11, 2014
    if you must connect a system infected with a virus (something you shouldn't do, since it will potentially propagate itself to the internet as a slave), or potentially infected. You can use your router to isolate the particular ip from the rest of the network,

    If you are not sure if there is a virus on a vm, why would you give it access to any network, period?. Sure... protect your own network, but leaving access to any internet connection means the virus (by nature) will attempt to find another place to infect and propagate itself.

    Virus' are designed to spread themselves, knowingly allowing any network access to a potentially infected system is IMO, negligent and foolish.
     
  5. Windows user

    Windows user MDL Senior Member

    Sep 11, 2012
    444
    101
    10
    #5 Windows user, Sep 11, 2014 (OP)

    I asked coz, I just got a PUP from CNET & that's why I asked....apparently not all software on their website is safe & scanned for viruses :eek: although it was having good reviews.

    I removed it using Malwarebytes but, was still worried.
     
  6. james071

    james071 MDL Novice

    Jul 6, 2014
    28
    2
    0
    #6 james071, Sep 12, 2014
    make sure shared folder are turned off. disconnect the network on the guest.

    download live running antivirus such as kaspersky and run a deep scan. run multiple times the scan. malwarebyte is great tool as you mentioned.
     
  7. Mutagen

    Mutagen MDL Addicted

    Feb 18, 2013
    580
    123
    30
    #7 Mutagen, Sep 13, 2014
    You can't be too careful and are wise to have Malwarebytes in conjunction with a good anti-virus protection. But a PUP is hardly a virus. And just about everything out there wants to make Google Chrome your default browser and also install the Google Toolbar. Read every dialog closely, and check with MDL folks (and elsewhere) before proceeding with anything questionable.
     
  8. TCM

    TCM MDL Addicted

    Aug 25, 2011
    808
    417
    30
    #8 TCM, Sep 18, 2014
    The network is not the only attack vector when you run VMs. VM<->hypervisor communication is a complex system in itself and holes can be anywhere in the device drivers, in VMware Tools, ...

    Don't think that VMs are a silver bullet and the hypervisor is flawless.

    If you suspect a VM of running malware, roll it back to a clean snapshot. Protect the host system in any case as good as you can. Disable all options you don't absolutely need - shared folders, video acceleration, shared clipboards and so on.