locked
security between virtual and pc RRS feed

  • Question

  • hello
    is it possible for a hacker or virus of some sort to get into the real pc using the virtual pc and the integration features?
    Wednesday, November 18, 2009 4:11 PM

Answers

  • Yes, of course. When the virtual machine can see all of the physical machine's file system, a virus can alter the physical machine's file system. You can configure a virtual machine to be a safe, isolated sandbox. The two things you must do to isolate the vm are:

    1. Configure for no vm access to the physical file system.
    2. Disable networking to the host. Either choose no networking or local only.

    Also and quite obviously, you wouldn't want to connect a USB external drive to a virtual machine that might contain a virus. I've used Virtual PC to provide an isolated sandbox for investigating known malware. It is possible for malware to check to see if it is running in a virtual machine. Keeping that in mind, malware can behave inside in virtual machine and appear safe only to wreak havoc when it is running on a physical machine. If you need to import malware into an isolated virtual machine, you can burn the suspect files to a CD/DVD (or more conveniently an iso file) and read them into the vm through the virtual optical drive.

    None of this should be misconstrued to make an unfounded allegation that virtual machines are a security risk. If a physical machine on a network has access to network shares on another physical machine, malware on the first machine can spread to the second machine. A virtual machine is no different. The lesson here is that antimalware software should be installed on both physical and virtual machines.
    • Proposed as answer by John Paul Cook Wednesday, November 18, 2009 8:58 PM
    • Edited by John Paul Cook Wednesday, November 18, 2009 10:54 PM
    • Marked as answer by Novak Wu Thursday, November 19, 2009 3:50 AM
    Wednesday, November 18, 2009 6:20 PM

All replies

  • Yes, of course. When the virtual machine can see all of the physical machine's file system, a virus can alter the physical machine's file system. You can configure a virtual machine to be a safe, isolated sandbox. The two things you must do to isolate the vm are:

    1. Configure for no vm access to the physical file system.
    2. Disable networking to the host. Either choose no networking or local only.

    Also and quite obviously, you wouldn't want to connect a USB external drive to a virtual machine that might contain a virus. I've used Virtual PC to provide an isolated sandbox for investigating known malware. It is possible for malware to check to see if it is running in a virtual machine. Keeping that in mind, malware can behave inside in virtual machine and appear safe only to wreak havoc when it is running on a physical machine. If you need to import malware into an isolated virtual machine, you can burn the suspect files to a CD/DVD (or more conveniently an iso file) and read them into the vm through the virtual optical drive.

    None of this should be misconstrued to make an unfounded allegation that virtual machines are a security risk. If a physical machine on a network has access to network shares on another physical machine, malware on the first machine can spread to the second machine. A virtual machine is no different. The lesson here is that antimalware software should be installed on both physical and virtual machines.
    • Proposed as answer by John Paul Cook Wednesday, November 18, 2009 8:58 PM
    • Edited by John Paul Cook Wednesday, November 18, 2009 10:54 PM
    • Marked as answer by Novak Wu Thursday, November 19, 2009 3:50 AM
    Wednesday, November 18, 2009 6:20 PM
  • thanks for the informative answer!
    Wednesday, November 18, 2009 8:45 PM