Microsoft Virtual PC / VirtualBox and Antivirus/Firewall ?

Discussion in 'Virtualization' started by Adam999, Feb 20, 2013.

  1. Adam999

    Adam999 MDL Novice

    Feb 19, 2013
    23
    1
    0
    I use sometimes Microsoft Virtual PC or Oracle VM Virtual Box to test software in empty Windows systems. Empty means no anti-virus and only Windows' firewall (activated in the virtual Windows OS).

    Something I sometimes wonder if there is a risk that:

    1. The virtual Windows will get infected with malware/virus via the Internet
    2. The Windows OS installed on the hardware can get infected if the virtual Windows get infected

    I have of course anti-virus and firewall etc. installed in the "master" Windows (that is installed on the hardware). But will this anti-virus / firewall also protect the virtual Windows to 100%? Or may there be a way in, to the system, by attacking the virtual Windows?
     
  2. Carlos Detweiller

    Carlos Detweiller MDL Spinning Tortoise

    Dec 21, 2012
    2,218
    1,810
    90
    Antivirus:
    The guest OS needs its own virus protection, the host antivirus doesn't protect you (with one exception, read the firewall part, too). So, yes, infection is well possible. Plus, malware can be specifically crafted to detect a VM and break out (to infect the host). While a VM usually is separated from the host OS, there are features (like Shared folders) that allow it to propagate to the host.

    Firewall:
    If the host firewall protects you depends on your VM network type selection. If you use NAT for the VM, the host firewall is in effect, and you have an additional NAT layer to repel incoming connections. In the case of NAT the host antivirus is able to catch malware downloaded by the guest if it has a realtime webscanner.
    If you use the Bridge network type the guest must run its own firewall! Nothing from the host will protect you since the VM is a separate participant in the LAN, with its own MAC and IP(s).

    Small note regarding IPs: Bridged network type supports IPv6, so take care of that, too.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...