Security for Windows guests (95-Vista)

Discussions about using Windows guests in VirtualBox.
Post Reply
GregW67
Posts: 16
Joined: 29. Jul 2021, 08:22

Security for Windows guests (95-Vista)

Post by GregW67 »

I have installed multiple versions of Windows on Virtualbox and am now wondering what options I have for security, namely antimalware programs and Windows updates.

As most here would be aware, older versions of Windows cannot run modern antimalware programs and older antimalware programs have probably not been updated in years. This means that, to my knowledge, there is little available in the way of security for older Windows guests. I am talking Windows 95 through to Vista. Is anyone here using an effective antimalware program, that is able to be updated, on any of these older versions of Windows?

A second security question relates to Windows updates. It is my experience that older Windows versions are now unable to connect to update servers, no doubt because Microsoft has stopped making the updates available. I know that updates would not be available up to today's date but I had been hoping to install those that had been available when the OS's were still being supported.

I know that a simpler answer would be to turn off all networking to the guest systems and just use them offline but I had been hoping to be able to use them online for simple things.
mpack
Site Moderator
Posts: 39156
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: Security for Windows guests (95-Vista)

Post by mpack »

I very much doubt that online malware would be much of a problem for Win95. No modern malware will be compatible, and it would hardly be a fruitful market for hackers to target.

I suggest that you search online for how to get the latest Win95 updates, offline. Probably you'll find that the OSR2 service pack is still around, if you don't already have it. But frankly, if you really wanted the latest bugfix version of Win9x then you should be installing Win98SE, not Win95! That's basically all that Win98SE is: the final Win95 service pack (actually I guess that was WinME, but I never used it).

p.s. Win95 only barely makes it into the Internet era. It's long before the era of weekly patches, or fast Internet. If you were lucky you got to download one or two big service packs with your 14.4Kbps modem before the next version of Windows came out. Your problem with Win95 won't be online malware, it will be the difficulty in getting online at all.

On AV for Vista: I suggest you Google for that. I never used Vista, and back when I used XP I didn't bother with AV at all. I still wouldn't, but it comes built into Windows now and Win10 cries if I try to turn it off. Keep your eyes on the CPU meter and the task list: that'll soon tell you if strange new processes have appeared. If it's a VM then don't run any executable on the host if that executable was ever accessible to the guest (e.g. if it was ever in a shared folder. If Vista is 32bit then the appearance of an unsigned 32bit executable on your 64bit host should be especially easy to spot).
BillG
Volunteer
Posts: 5102
Joined: 19. Sep 2009, 04:44
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows 10,7 and earlier
Location: Sydney, Australia

Re: Security for Windows guests (95-Vista)

Post by BillG »

Windows Vista has Windows Defender built in. I do not expect that you can update the definitions any more.
Bill
GregW67
Posts: 16
Joined: 29. Jul 2021, 08:22

Re: Security for Windows guests (95-Vista)

Post by GregW67 »

Thanks very much for the help guys.
birdie
Posts: 428
Joined: 2. May 2010, 14:19
Primary OS: Fedora other
VBox Version: PUEL
Guest OSses: Windows, Linux, other Unixes
Location: Artem S. Tashkinov
Contact:

Re: Security for Windows guests (95-Vista)

Post by birdie »

GregW67 wrote:I have installed multiple versions of Windows on Virtualbox and am now wondering what options I have for security, namely antimalware programs and Windows updates.

As most here would be aware, older versions of Windows cannot run modern antimalware programs and older antimalware programs have probably not been updated in years. This means that, to my knowledge, there is little available in the way of security for older Windows guests. I am talking Windows 95 through to Vista. Is anyone here using an effective antimalware program, that is able to be updated, on any of these older versions of Windows?

A second security question relates to Windows updates. It is my experience that older Windows versions are now unable to connect to update servers, no doubt because Microsoft has stopped making the updates available. I know that updates would not be available up to today's date but I had been hoping to install those that had been available when the OS's were still being supported.

I know that a simpler answer would be to turn off all networking to the guest systems and just use them offline but I had been hoping to be able to use them online for simple things.
You're looking at it at the wrong angle and perhaps you don't understand the point of antimalware programs at all.

They do not make your OS more secure, they are meant to protect it against new unknown applications which you may accidentally download from the Internet.

However as for old operating systems they have some innate security issues:

1) Vulnerabilities in the network stack - this can be solved by using only NAT and allowing only outgoing connections. Antimalware applications are useless in this case.
2) Vulnerabilities in the system libraries which can be exploited by 1) running rogue applications (this is where antimalware may help but why would you want to run such applications?) 2) running built-in applications e.g. a web browser - antimalware is unlikely to help in this case, and in general you must never browse the web using outdated applications

If you intent to run only known good applications from trusted vendors, there's no need to install antimalware. It will only slow your system down.
birdie
Posts: 428
Joined: 2. May 2010, 14:19
Primary OS: Fedora other
VBox Version: PUEL
Guest OSses: Windows, Linux, other Unixes
Location: Artem S. Tashkinov
Contact:

Re: Security for Windows guests (95-Vista)

Post by birdie »

To add to my previous post.

Windows 7 is no longer a secure OS. It stopped receiving updates over a year ago (unless you have a ESU subscription which costs some good money and if I'm not mistaken is available only for enterprise customers).
mpack
Site Moderator
Posts: 39156
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: Security for Windows guests (95-Vista)

Post by mpack »

I'm struggling to see the relevance of the Win7 post in this topic.
birdie
Posts: 428
Joined: 2. May 2010, 14:19
Primary OS: Fedora other
VBox Version: PUEL
Guest OSses: Windows, Linux, other Unixes
Location: Artem S. Tashkinov
Contact:

Re: Security for Windows guests (95-Vista)

Post by birdie »

mpack wrote:I'm struggling to see the relevance of the Win7 post in this topic.
Just like Windows 95 - Vista, it's no longer a supported secure OS and running it in VBox with e.g. a bridged connection is subject to serious security issues in e.g. the Windows network stack, to be more precise its CIFS implementation and possibly other services.

To think about it even enabling NAT is not safe for the following reason: OSes like Vista/7 (not sure about XP) have certain services running at the system level which send and receive information from LAN automatically (e.g. network discovery). You can never know if those services and protocols are or are not exploitable. They very well might be.
GregW67
Posts: 16
Joined: 29. Jul 2021, 08:22

Re: Security for Windows guests (95-Vista)

Post by GregW67 »

Thanks for the replies. I have disabled networking on all my guest operating systems now as I have concluded that I really don't need it. I simply want to run the old systems to take a trip down memory lane, and maybe to run the odd bit of old software that is not supported by Windows 10. As far as I can see, having no network connection = the ultimate firewall for old systems that don't need the internet. The one thing I had hoped to do was run old versions of antivirus and firewall software just to fit in with the history theme of my OS collection (not to protect against anything - I know it would be impossible to obtain up-to-date signatures for such old programs) but no doubt these programs would demand internet access.
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: Security for Windows guests (95-Vista)

Post by scottgus1 »

FWIW a Host-Only network will give you a convenient network between host PC and VM without allowing internet. Virtualbox Networks: In Pictures: Host-Only Adapter
birdie
Posts: 428
Joined: 2. May 2010, 14:19
Primary OS: Fedora other
VBox Version: PUEL
Guest OSses: Windows, Linux, other Unixes
Location: Artem S. Tashkinov
Contact:

Re: Security for Windows guests (95-Vista)

Post by birdie »

scottgus1 wrote:FWIW a Host-Only network will give you a convenient network between host PC and VM without allowing internet. Virtualbox Networks: In Pictures: Host-Only Adapter
VBox' internal file sharing ("Shared folders") should work even with a network adapter completely disabled.
GregW67
Posts: 16
Joined: 29. Jul 2021, 08:22

Re: Security for Windows guests (95-Vista)

Post by GregW67 »

birdie wrote:
scottgus1 wrote:FWIW a Host-Only network will give you a convenient network between host PC and VM without allowing internet. Virtualbox Networks: In Pictures: Host-Only Adapter
VBox' internal file sharing ("Shared folders") should work even with a network adapter completely disabled.
Thanks very much for these tips. I am still very new to VirtualBox and wasn't aware of these options.
scottgus1
Site Moderator
Posts: 20965
Joined: 30. Dec 2009, 20:14
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Windows, Linux

Re: Security for Windows guests (95-Vista)

Post by scottgus1 »

birdie wrote:VBox' internal file sharing ("Shared folders") should work even with a network adapter completely disabled.
@GregW67 This will work when Guest Additions can be used. There's no GAs for 95/98/ME, so for those OS's a full network would be needed to pass files easily.
NT OS's, like 2000,XP,Vista(*) have GAs, so they could use Virtualbox Shared Folders.

* There's been a glitch installing GAs in Vista lately, has somethin to do with Vista's security hashing. If you try GAs in Vista and have trouble, start a new topic.
operation420.net
Posts: 60
Joined: 28. May 2020, 02:17
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Linux, Windows
Location: The hood
Contact:

Re: Security for OLD Windows guests (95-Vista)

Post by operation420.net »

mpack wrote:I very much doubt that online malware would be much of a problem for Win95. No modern malware will be compatible, and it would hardly be a fruitful market for hackers to target.
LOL "security" by obscurity.

Also I read at the time I last tried VirtualBox did not support Windows 98 as a guest. I installed Win98 and it was slow to the point of being unusable...
viewtopic.php?t=8208
mpack
Site Moderator
Posts: 39156
Joined: 4. Sep 2008, 17:09
Primary OS: MS Windows 10
VBox Version: PUEL
Guest OSses: Mostly XP

Re: Security for OLD Windows guests (95-Vista)

Post by mpack »

operation420.net wrote: LOL "security" by obscurity.
Hardly. Unless you wish to say the same about Linux and ChomeOS. The scenario is identical: the target OS for hackers is modern Windows. Anything not modern Windows is relatively safe (*). That situation would change quickly if some other OS became mainstream, and Win95 is about as far from a modern mainstream as its possible to get. And Win95 basically can't get onto the modern Internet anyway: so this is security by basic incompatibility, not "obscurity".

Unless you're one of those odd people who think of malware as some kind of voodoo spell or evil potion, not bound by normal software rules. Yessir, we can bring down those huge Independence Day spaceships with viruses designed for a completely different and largely unknown computer and OS architecture, because that's how software magic works!
operation420.net wrote: Also I read at the time I last tried VirtualBox did not support Windows 98 as a guest.
Quite true. That doesn't mean it won't run, it just means that the devs don't care, and won't put much work into any problems reported. The main implication of "not supported" is that no official GAs pack is provided.
operation420.net wrote: I installed Win98 and it was slow to the point of being unusable...
Then try harder next time. Win98SE doesn't have graphics acceleration or multiprocessor support, but I find that it runs quite well given these limitations, if tuned appropriately. I use the BearWindows VESA driver to improve the graphics experience. See the tutorial for details.
Post Reply